From e52f61260b4260949c59c01c9fb6624cf13af800 Mon Sep 17 00:00:00 2001 From: Andrew Cheuk Date: Fri, 26 Jul 2024 16:22:05 -0700 Subject: [PATCH 1/6] US939749: initial commit of remove pssg (#328) Co-authored-by: im683661 Co-authored-by: ac658123 --- charts/portal/Chart.yaml | 2 +- charts/portal/README.md | 69 ++----- charts/portal/templates/ingress/ingress.yaml | 4 +- charts/portal/templates/ingress/route.yaml | 2 +- charts/portal/templates/pssg/pssg-config.yaml | 45 ----- .../templates/pssg/pssg-deployment.yaml | 183 ------------------ charts/portal/templates/pssg/pssg-pdb.yaml | 18 -- charts/portal/templates/pssg/pssg-secret.yaml | 15 -- .../portal/templates/pssg/pssg-service.yaml | 30 --- charts/portal/values-production.yaml | 42 +--- charts/portal/values.yaml | 33 +--- 11 files changed, 23 insertions(+), 420 deletions(-) delete mode 100644 charts/portal/templates/pssg/pssg-config.yaml delete mode 100644 charts/portal/templates/pssg/pssg-deployment.yaml delete mode 100644 charts/portal/templates/pssg/pssg-pdb.yaml delete mode 100644 charts/portal/templates/pssg/pssg-secret.yaml delete mode 100644 charts/portal/templates/pssg/pssg-service.yaml diff --git a/charts/portal/Chart.yaml b/charts/portal/Chart.yaml index 6f633d0c..67eb4cd8 100644 --- a/charts/portal/Chart.yaml +++ b/charts/portal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "5.3" description: CA API Developer Portal name: portal -version: 2.4.0 +version: 2.4.1 type: application home: https://github.com/CAAPIM/apim-charts maintainers: diff --git a/charts/portal/README.md b/charts/portal/README.md index 658cd1b9..728ddfbe 100644 --- a/charts/portal/README.md +++ b/charts/portal/README.md @@ -3,6 +3,8 @@ The Layer7 API Developer Portal (API Portal) is part of the Layer7 API Managemen ## Introduction This Chart deploys the Layer7 API Developer Portal on a Kubernetes Cluster using the Helm Package Manager. +## 2.4.1 General Updates +- Removed PSSG container ## 2.3.9 General Updates - This new version of the chart supports API Portal 5.3 ## 2.3.8 General Updates @@ -217,9 +219,9 @@ This section describes configurable parameters in **values.yaml**, there is also | `portal.analytics.aggregation` | Enable/Disable Aggregation, requires a min of 2 analytics.replicaCount | `false` | | `portal.license.secretName` | License secret name | `portal-license` | | `portal.license.value` | License value - ***Note: these are not required for Portal 5.x *** | `` | -| `portal.internalSSG.secretName` | APIM/PSSG secret name | `ssg-secret` | -| `portal.internalSSG.username` | APIM/PSSG username - auto-generated | `auto-generated` | -| `portal.internalSSG.password` | APIM/PSSG password - auto-generated | `auto-generated` | +| `portal.internalSSG.secretName` | APIM secret name | `ssg-secret` | +| `portal.internalSSG.username` | APIM username - auto-generated | `auto-generated` | +| `portal.internalSSG.password` | APIM password - auto-generated | `auto-generated` | | `portal.papi.secretName` | PAPI secret name | `papi-secret` | | `portal.papi.password` | PAPI password - auto-generated | `` | | `portal.otk.port` | OTK Port, update this to 9443 if migrating from Docker Swarm | `443` | @@ -386,30 +388,6 @@ This section describes configurable parameters in **values.yaml**, there is also | `portalEnterprise.podSecurityContext`| Portal enterprise pod's security context settings. Overrides global.podSecurityContext settings | `{} evaluated as a template` | | `portalEnterprise.containerSecurityContext`| Portal enterprise container's security context settings. Overrides global.containerSecurityContext settings | `{} evaluated as a template` | | `portalEnterprise.forceRedeploy` | Force redeployment during helm upgrade whether there is a change or not | `false` | -| `pssg.forceRedeploy` | Force redeployment during helm upgrade whether there is a change or not | `false` | -| `pssg.replicaCount` | Number of PSSG nodes | `1` | -| `pssg.image.pullPolicy` | PSSG image pull policy | `IfNotPresent` | -| `pssg.pdb.create` | Create PodDisruptionBudget (PDB) object | `false` | -| `pssg.pdb.maxUnavailable` | Maximum number of simultaneous unavailable pods | `not set` | -| `pssg.pdb.minAvailable` | Minimum number of available pods | `1` | -| `pssg.strategy` | Update strategy | `{} evaluated as a template` | -| `pssg.resources` | Resource request/limits | `{} evaluated as a template` | -| `pssg.nodeSelector` | Node labels for pod assignment | `{} evaluated as a template` | -| `pssg.tolerations` | Pod tolerations for pod assignment | `{} evaluated as a template` | -| `pssg.affinity` | Affinity for pod assignment | `{} evaluated as a template` | -| `pssg.additionalLabels` | A list of custom key: value labels | `not set` | -| `pssg.podSecurityContext` | PSSG pod's security context settings. Overrides global.podSecurityContext settings | `{} evaluated as a template` | -| `pssg.containerSecurityContext`| PSSG container's security context settings. Overrides global.containerSecurityContext settings | `{} evaluated as a template` | -| `pssg.additionalEnv.CONFIG_8443_TLS` | Enabled Port 8443 TLS Versions | `If not specfied, Portal TLS defaults are enabled.` see [Portal TLS Defaults](#portal-tls-defaults) | -| `pssg.additionalEnv.CONFIG_9443_TLS` | Enabled Port 9443 TLS Versions | `If not specfied, Portal TLS defaults are enabled` see [Portal TLS Defaults](#portal-tls-defaults) | -| `pssg.additionalEnv.CONFIG_9446_TLS` | Enabled Port 9446 TLS Versions | `If not specfied, Portal TLS defaults are enabled` see [Portal TLS Defaults](#portal-tls-defaults) | -| `pssg.additionalEnv.CONFIG_9447_TLS` | Enabled Port 9447 TLS Versions | `If not specfied, Portal TLS defaults are enabled` see [Portal TLS Defaults](#portal-tls-defaults) | -| `pssg.additionalEnv.CONFIG_9448_TLS` | Enabled Port 9448 TLS Versions | `If not specfied, Portal TLS defaults are enabled` see [Portal TLS Defaults](#portal-tls-defaults) | -| `pssg.additionalEnv.CONFIG_8443_CIPHER_SUITE` | Enabled Port 8443 Cipher Suites | `If not specfied, Portal Cipher Suites defaults are enabled` see [Portal Cipher Suites Defaults](#portal-cipher-suites-defaults) | -| `pssg.additionalEnv.CONFIG_9443_CIPHER_SUITE` | Enabled Port 9443 Cipher Suites | `If not specfied, Portal Cipher Suites defaults are enabled` see [Portal Cipher Suites Defaults](#portal-cipher-suites-defaults) | -| `pssg.additionalEnv.CONFIG_9446_CIPHER_SUITE` | Enabled Port 9446 Cipher Suites | `If not specfied, Portal Cipher Suites defaults are enabled` see [Portal Cipher Suites Defaults](#portal-cipher-suites-defaults) | -| `pssg.additionalEnv.CONFIG_9447_CIPHER_SUITE` | Enabled Port 9447 Cipher Suites | `If not specfied, Portal Cipher Suites defaults are enabled` see [Portal Cipher Suites Defaults](#portal-cipher-suites-defaults) | -| `pssg.additionalEnv.CONFIG_9448_CIPHER_SUITE` | Enabled Port 9448 Cipher Suites | `If not specfied, Portal Cipher Suites defaults are enabled` see [Portal Cipher Suites Defaults](#portal-cipher-suites-defaults) | | `tenantProvisioner.forceRedeploy` | Force redeployment during helm upgrade whether there is a change or not | `false` | | `tenantProvisioner.replicaCount` | Number of tenant provisioner nodes | `1` | | `tenantProvisioner.javaOptions` | Java Options to pass in | `-Xms512m -Xmx512m` | @@ -437,16 +415,16 @@ This section describes configurable parameters in **values.yaml**, there is also #### Common configurations across multiple containers | Parameter | Description | Default | Container | |------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------|--------------|-------------------------------------------------------------------------------------| -| `.additionalEnv.DATABASE_POOL_MINPOOLSIZE` | Minimum number of Connections a pool will maintain at any given time | `5` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_MAXPOOLSIZE` | Maximum number of Connections a pool will maintain at any given time | `30` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_CHECKOUTTIMEOUT` | The number of milliseconds a client calling getConnection() will wait for a Connection to be checked-in or acquired when the pool is exhausted | `30000 (ms)` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_MAXSTATEMENTSPERCONNECTION` | The number of PreparedStatements to be cached for a single pooled Connection | `50` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_IDLECONNECTIONTESTPERIOD` | Test all idle, pooled but unchecked-out connections, every this number of seconds | `60 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_INITIALPOOLSIZE` | Number of Connections a pool will try to acquire upon startup | `5` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_MAXSTATEMENTS` | The size of global PreparedStatement cache | `300` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_MAXCONNECTIONAGE` | A Connection older than maxConnectionAge will be destroyed and purged from the pool | `0 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_MAXIDLETIME` | Seconds a Connection can remain pooled but unused before being discarded. | `0 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | -| `.additionalEnv.DATABASE_POOL_MAXIDLETIMEEXCESSCONNECTIONS` | Number of seconds that Connections in excess of minPoolSize should be permitted to remain idle in the pool before being culled | `0 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, `pssg` | +| `.additionalEnv.DATABASE_POOL_MINPOOLSIZE` | Minimum number of Connections a pool will maintain at any given time | `5` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_MAXPOOLSIZE` | Maximum number of Connections a pool will maintain at any given time | `30` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_CHECKOUTTIMEOUT` | The number of milliseconds a client calling getConnection() will wait for a Connection to be checked-in or acquired when the pool is exhausted | `30000 (ms)` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_MAXSTATEMENTSPERCONNECTION` | The number of PreparedStatements to be cached for a single pooled Connection | `50` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_IDLECONNECTIONTESTPERIOD` | Test all idle, pooled but unchecked-out connections, every this number of seconds | `60 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_INITIALPOOLSIZE` | Number of Connections a pool will try to acquire upon startup | `5` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_MAXSTATEMENTS` | The size of global PreparedStatement cache | `300` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress`, | +| `.additionalEnv.DATABASE_POOL_MAXCONNECTIONAGE` | A Connection older than maxConnectionAge will be destroyed and purged from the pool | `0 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_MAXIDLETIME` | Seconds a Connection can remain pooled but unused before being discarded. | `0 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | +| `.additionalEnv.DATABASE_POOL_MAXIDLETIMEEXCESSCONNECTIONS` | Number of seconds that Connections in excess of minPoolSize should be permitted to remain idle in the pool before being culled | `0 seconds` | `portalData`, `portalEnterprise`, `tenantProvisioner`, `analytics`,`ingress` | #### Authenticator specific configurations | Parameter | Description | Default | @@ -498,12 +476,7 @@ Portal TLS defaults if the parameters are not set. | `apim.additionalEnv.CONFIG_1885_TLS` | APIM ingress Port 1885 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | | `apim.additionalEnv.CONFIG_9449_TLS` | APIM ingress Port 9449 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | | `apim.additionalEnv.CONFIG_1885_TLS` | APIM ingress Port 1885 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | -| `dispatcher.additionalEnv.CONFIG_HTTPS_TLS` | Dispatcher HTTPS TLS defaults if not specified | `TLSv1.2,TLSv1.3` | -| `pssg.additionalEnv.CONFIG_8443_TLS` | PSSG Port 8443 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | -| `pssg.additionalEnv.CONFIG_9443_TLS` | PSSG Port 9443 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | -| `pssg.additionalEnv.CONFIG_9446_TLS` | PSSG Port 9446 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | -| `pssg.additionalEnv.CONFIG_9447_TLS` | PSSG Port 9447 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | -| `pssg.additionalEnv.CONFIG_9448_TLS` | PSSG Port 9448 TLS defaults if not specified | `TLSv1.2,TLSv1.3` | +| `dispatcher.additionalEnv.CONFIG_HTTPS_TLS` | Dispatcher HTTPS TLS defaults if not specified | `TLSv1.2,TLSv1.3` | ## Portal Cipher Suites Defaults Portal Cipher Suites defaults if the parameters are not set. @@ -516,25 +489,18 @@ Portal Cipher Suites defaults if the parameters are not set. | `apim.additionalEnv.CONFIG_9449_CIPHER_SUITE` | APIM ingress Port 9449 Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA` | | `apim.additionalEnv.CONFIG_1885_CIPHER_SUITE` | APIM ingress Port 1885 Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA` | | `dispatcher.additionalEnv.CONFIG_HTTPS_CIPHER_SUITE` | Dispatcher HTTPS Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,ECDHE_RSA_AES128_GCM_SHA256,ECDHE_ECDSA_AES128_GCM_SHA256,ECDHE_RSA_AES256_GCM_SHA384,ECDHE_ECDSA_AES256_GCM_SHA384,DHE_RSA_AES128_GCM_SHA256,DHE_DSS_AES128_GCM_SHA256,kEDH+AESGCM,ECDH_RSA_AES128_SHA256,ECDHE_ECDSA_AES128_SHA256,ECDHE_ECDSA_AES128_SHA,ECDHE_ECDSA_AES256_SHA384,ECDHE_ECDSA_AES256_SHA,DES_RSA_AES128_SHA256,DHE_RSA_AES128_SHA,DHE_DSS_AES128_SHA256,DHE_RSA_AES256_SHA256,DHE_DSS_AES256_SHA,DHE_RSA_AES256_SHA,!aNULL,!eNULL,!EXPORT,!DES,!RC4,!3DES,!MD5,!PSK` | -| `pssg.additionalEnv.CONFIG_8443_CIPHER_SUITE` | APIM ingress Port 8443 Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` | -| `pssg.additionalEnv.CONFIG_9443_CIPHER_SUITE` | APIM ingress Port 9443 Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256` | -| `pssg.additionalEnv.CONFIG_9446_CIPHER_SUITE` | APIM ingress Port 9446 Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA` | -| `pssg.additionalEnv.CONFIG_9447_CIPHER_SUITE` | APIM ingress Port 9447 Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA` | -| `pssg.additionalEnv.CONFIG_9448_CIPHER_SUITE` | APIM ingress Port 9448 Cipher Suites defaults if not specified | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,TLS_ECDH_RSA_WITH_RC4_128_SHA` | - ### Portal Supported TLS Versions | Name | Description | Supported TLS Versions | | ------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | | `apim` | APIM ingress HTTPS/MQTT-TLS supported TLS Versions | `TLSv1.0,TLSv1.1,TLSv1.2,TLSv1.3` | | `dispatcher` | Dispatcher HTTPS supported TLS Versions | `TLSv1.0,TLSv1.1,TLSv1.2,TLSv1.3` | -| `pssg` | PSSG HTTPS/MQTT-TLS supported TLS Versions | `TLSv1.0,TLSv1.1,TLSv1.2,TLSv1.3` | ### Portal Supported Cipher Suites | Name | Description | Supported TLS Versions | | ------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | | `apim` | APIM ingress HTTPS/MQTT-TLS supported Cipher Suites | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA` | | `dispatcher` | Dispatcher HTTPS supported Cipher Suites | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,ECDHE_RSA_AES128_GCM_SHA256,ECDHE_ECDSA_AES128_GCM_SHA256,ECDHE_RSA_AES256_GCM_SHA384,ECDHE_ECDSA_AES256_GCM_SHA384,DHE_RSA_AES128_GCM_SHA256,DHE_DSS_AES128_GCM_SHA256,kEDH+AESGCM,ECDH_RSA_AES128_SHA256,ECDHE_ECDSA_AES128_SHA256,ECDHE_ECDSA_AES128_SHA,ECDHE_ECDSA_AES256_SHA384,ECDHE_ECDSA_AES256_SHA,DES_RSA_AES128_SHA256,DHE_RSA_AES128_SHA,DHE_DSS_AES128_SHA256,DHE_RSA_AES256_SHA256,DHE_DSS_AES256_SHA,DHE_RSA_AES256_SHA,!aNULL,!eNULL,!EXPORT,!DES,!RC4,!3DES,!MD5,!PSK` | -| `pssg` | PSSG HTTPS/MQTT-TLS supported Cipher Suites | `TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA` | + | ### Portal Request XSS Filter The value of this variable should contain rules for sanitizing malicious scripts @@ -664,7 +630,6 @@ Portal Analytics | Parameter | Description | Default | |-------------------------------------------|----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| | `image.dispatcher` | dispatcher image | `dispatcher:5.3` | -| `image.pssg` | PSSG image | `pssg:5.3` | | `image.apim` | APIM ingress image | `ingress:5.3` | | `image.enterprise` | portal-enterprise image | `portal-enterprise:5.3` | | `image.data` | portal-data image | `portal-data:5.3` | diff --git a/charts/portal/templates/ingress/ingress.yaml b/charts/portal/templates/ingress/ingress.yaml index d0390a79..2ce2b160 100644 --- a/charts/portal/templates/ingress/ingress.yaml +++ b/charts/portal/templates/ingress/ingress.yaml @@ -104,12 +104,12 @@ spec: path: "/" backend: service: - name: pssg + name: apim port: name: tssg-sync {{- else }} - backend: - serviceName: pssg + serviceName: apim servicePort: tssg-sync {{- end }} - host: {{ include "pssg-sso-host" . | quote }} diff --git a/charts/portal/templates/ingress/route.yaml b/charts/portal/templates/ingress/route.yaml index 3ae0cae9..2c1c7249 100644 --- a/charts/portal/templates/ingress/route.yaml +++ b/charts/portal/templates/ingress/route.yaml @@ -50,7 +50,7 @@ spec: termination: passthrough to: kind: Service - name: pssg + name: apim weight: 100 wildcardPolicy: None --- diff --git a/charts/portal/templates/pssg/pssg-config.yaml b/charts/portal/templates/pssg/pssg-config.yaml deleted file mode 100644 index 98a3659e..00000000 --- a/charts/portal/templates/pssg/pssg-config.yaml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: pssg-config - labels: - app: pssg - chart: {{ template "portal.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - BUSINESS_REPORTS_ENABLED: "false" - CONFIG_APIM_HOST: {{ include "tssg-public-host" . | quote }} - CONFIG_APIM_PORT: {{ .Values.portal.otk.port | quote }} - CONFIG_BROKER_HOST: {{ include "broker-host" . | quote }} - CONFIG_BROKER_PORT: {{ .Values.portal.otk.port | quote }} - CONFIG_DSSG_DATALAKE_HOST: {{ include "analytics-host" . | quote }} - CONFIG_DSSG_DATALAKE_PORT: {{ .Values.portal.otk.port | quote }} - CONFIG_ENROLL_NOTIFICATION_EMAIL: {{ required "Please fill in enrollNotificationEmail in values.yaml" .Values.portal.enrollNotificationEmail }} - CONFIG_MAIL_SMTP_HOST: {{ required "Please fill in smtp.host in values.yaml" .Values.smtp.host }} - CONFIG_MAIL_SMTP_PORT: {{ required "Please fill in smtp.port in values.yaml" .Values.smtp.port | quote }} - CONFIG_MAIL_SMTP_REQUIRE_SSL: {{ required "Please fill in smtp.requireSSL in values.yaml" .Values.smtp.requireSSL | quote }} - CONFIG_PSSG_ENROLL_HOST: {{ include "pssg-enroll-host" . | quote }} - CONFIG_PSSG_ENROLL_PORT: {{ .Values.portal.otk.port | quote }} - CONFIG_PSSG_SSO_HOST: {{ include "pssg-sso-host" . | quote }} - CONFIG_PSSG_SSO_PORT: {{ .Values.portal.otk.port | quote }} - CONFIG_PSSG_SYNC_HOST: {{ include "pssg-sync-host" . | quote }} - CONFIG_PSSG_SYNC_PORT: {{ .Values.portal.otk.port | quote }} -{{ if .Values.global.setupDemoDatabase}} - DATABASE_HOST: {{ .Release.Name }}-{{ .Values.global.databaseHost }} -{{ else }} - DATABASE_HOST: {{ .Values.global.databaseHost | quote }} -{{ end }} - DATABASE_NAME: {{ include "portal-db-name" . | quote }} - DATABASE_PORT: {{ include "database-port" . | quote }} - DATABASE_TYPE: {{ required "Please fill in databaseHost in values.yaml" .Values.global.databaseType | quote }} - DATABASE_USE_SSL: {{ .Values.global.databaseUseSSL | quote }} - DATABASE_REQUIRE_SSL: {{ .Values.global.databaseRequireSSL | quote }} - NSS_SDB_USE_CACHE: "no" - PORTAL_VERSION: {{ .Chart.AppVersion | quote }} - SSG_JVM_HEAP: 4096m -{{ if .Values.pssg.additionalEnv }} -{{- range $key, $val := .Values.pssg.additionalEnv }} - {{ $key }}: {{ $val | quote }} -{{- end }} -{{ end }} diff --git a/charts/portal/templates/pssg/pssg-deployment.yaml b/charts/portal/templates/pssg/pssg-deployment.yaml deleted file mode 100644 index f768d28c..00000000 --- a/charts/portal/templates/pssg/pssg-deployment.yaml +++ /dev/null @@ -1,183 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pssg - labels: - app: pssg - chart: {{ template "portal.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - {{- range $key, $val := .Values.global.additionalLabels }} - {{ $key }}: "{{ $val }}" - {{- end }} - {{- range $key, $val := .Values.pssg.additionalLabels }} - {{ $key }}: "{{ $val }}" - {{- end }} -spec: - {{- if .Values.pssg.strategy }} - strategy: {{- toYaml .Values.pssg.strategy | nindent 12 }} - {{- end }} - replicas: {{ .Values.pssg.replicaCount }} - selector: - matchLabels: - app: pssg - template: - metadata: - labels: - app: pssg - {{ if .Values.pssg.forceRedeploy }} - annotations: - timestamp: {{ now | quote }} - {{- end }} - spec: - serviceAccountName: {{ include "portal.serviceAccountName" . }} - {{- if .Values.pssg.affinity }} - affinity: {{- toYaml .Values.pssg.affinity | nindent 12 }} - {{- end }} - {{- if .Values.pssg.nodeSelector }} - nodeSelector: {{- toYaml .Values.pssg.nodeSelector | nindent 12 }} - {{- end }} - {{- if .Values.pssg.tolerations }} - tolerations: {{- toYaml .Values.pssg.tolerations | nindent 12 }} - {{- end }} - {{- if .Values.global.schedulerName }} - schedulerName: "{{ .Values.global.schedulerName }}" - {{- end }} - {{- if .Values.pssg.podSecurityContext }} - securityContext: {{- toYaml .Values.pssg.podSecurityContext | nindent 12 }} - {{- else if .Values.global.podSecurityContext }} - securityContext: {{- toYaml .Values.global.podSecurityContext | nindent 12 }} - {{- end }} - initContainers: - - name: liquidbase-upgrade-portal - image: "{{ .Values.global.portalRepository }}{{ .Values.image.upgradeVerify }}" - args: ["job", 'db-upgrade'] - - name: liquidbase-upgrade-rbac - image: "{{ .Values.global.portalRepository }}{{ .Values.image.upgradeVerify }}" - args: ["job", 'rbac-upgrade'] - containers: - - name: pssg - image: "{{ .Values.global.portalRepository }}{{ .Values.image.pssg }}" - imagePullPolicy: "{{ .Values.pssg.image.pullPolicy }}" - {{- if .Values.pssg.containerSecurityContext }} - securityContext: {{- toYaml .Values.pssg.containerSecurityContext | nindent 12 }} - {{- else if .Values.global.containerSecurityContext }} - securityContext: {{- toYaml .Values.global.containerSecurityContext | nindent 12 }} - {{- end }} - env: - - name: SSG_ADMIN_USERNAME - valueFrom: - secretKeyRef: - name: {{ .Values.portal.internalSSG.secretName }} - key: internal-ssg-username - - name: SSG_ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.portal.internalSSG.secretName }} - key: internal-ssg-password - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Values.global.databaseSecret }} - {{ if eq .Values.global.databaseType "mysql" }} - key: mysql-password - {{ end }} - - name: APIM_SSL_KEY - valueFrom: - secretKeyRef: - name: {{ .Values.tls.externalSecretName }} - key: apim-ssl.p12 - optional: false - - name: DATALAKE_SSL_KEY - valueFrom: - secretKeyRef: - name: {{ .Values.tls.internalSecretName }} - key: apim-datalake.p12 - optional: false - - name: DSSG_SSL_KEY - valueFrom: - secretKeyRef: - name: {{ .Values.tls.internalSecretName }} - key: apim-dssg.p12 - optional: false - - name: SSG_SSL_KEY - valueFrom: - secretKeyRef: - name: {{ .Values.tls.internalSecretName }} - key: pssg-ssl.p12 - optional: false - - name: DATALAKE_SSL_KEY_PASS - valueFrom: - secretKeyRef: - name: {{ .Values.tls.internalSecretName }} - key: keypass.txt - optional: false - - name: DSSG_SSL_KEY_PASS - valueFrom: - secretKeyRef: - name: {{ .Values.tls.internalSecretName }} - key: keypass.txt - optional: false - - name: APIM_SSL_KEY_PASS - valueFrom: - secretKeyRef: - name: {{ .Values.tls.externalSecretName }} - key: keypass.txt - optional: false - - name: SSG_SSL_KEY_PASS - valueFrom: - secretKeyRef: - name: {{ .Values.tls.internalSecretName }} - key: keypass.txt - optional: false - envFrom: - - configMapRef: - name: pssg-config - - secretRef: - name: pssg-secret - readinessProbe: - exec: - command: [sh, /opt/docker/diagnostic/health_check.sh] - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 15 - successThreshold: 1 - failureThreshold: 30 - livenessProbe: - exec: - command: [sh, /opt/docker/diagnostic/health_check.sh] - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 15 - successThreshold: 1 - failureThreshold: 30 - {{- if .Values.pssg.resources }} - resources: {{- toYaml .Values.pssg.resources | nindent 12 }} - {{- end }} - ports: - - containerPort: 8080 - - containerPort: 8443 - - containerPort: 9446 - - containerPort: 9447 - - containerPort: 9448 - {{ if contains "4.5" .Chart.AppVersion }} - volumeMounts: - - name: {{.Values.portal.license.secretName}} - mountPath: /opt/SecureSpan/Gateway/node/default/etc/bootstrap/license/license.xml - subPath: license.xml - {{ end }} - {{- if .Values.global.pullSecret }} - imagePullSecrets: - - name: "{{ .Values.global.pullSecret }}" - {{- end }} - restartPolicy: Always - terminationGracePeriodSeconds: 60 - {{ if contains "4.5" .Chart.AppVersion }} - volumes: - - name: {{.Values.portal.license.secretName}} - secret: - secretName: {{.Values.portal.license.secretName}} - items: - - key: license - path: license.xml - {{ end }} \ No newline at end of file diff --git a/charts/portal/templates/pssg/pssg-pdb.yaml b/charts/portal/templates/pssg/pssg-pdb.yaml deleted file mode 100644 index 0189d302..00000000 --- a/charts/portal/templates/pssg/pssg-pdb.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{ if .Values.pssg.pdb.create }} -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - labels: - app: pssg - name: pssg-pdb -spec: - {{- if .Values.pssg.pdb.minAvailable }} - minAvailable: {{ .Values.pssg.pdb.minAvailable }} - {{- end }} - {{- if .Values.pssg.pdb.maxUnavailable }} - maxUnavailable: {{ .Values.pssg.pdb.maxUnavailable }} - {{- end }} - selector: - matchLabels: - app: pssg -{{ end }} diff --git a/charts/portal/templates/pssg/pssg-secret.yaml b/charts/portal/templates/pssg/pssg-secret.yaml deleted file mode 100644 index 9349a66b..00000000 --- a/charts/portal/templates/pssg/pssg-secret.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: pssg-secret - labels: - app: pssg - chart: {{ template "portal.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -type: Opaque -data: - CONFIG_MAIL_SMTP_USERNAME: {{ required "Please fill in smtp.username in values.yaml" .Values.smtp.username | b64enc }} - CONFIG_MAIL_SMTP_PASSWORD: {{ required "Please fill in smtp.password in values.yaml" .Values.smtp.password | b64enc }} - CONFIG_MAIL_SMTP_CERT: {{ include "smtp-external-crt" . | b64enc }} - DATABASE_USERNAME: {{ required "Please fill in databaseUsername in values.yaml" .Values.global.databaseUsername | b64enc | quote }} \ No newline at end of file diff --git a/charts/portal/templates/pssg/pssg-service.yaml b/charts/portal/templates/pssg/pssg-service.yaml deleted file mode 100644 index 872aed94..00000000 --- a/charts/portal/templates/pssg/pssg-service.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: pssg - labels: - app: pssg - chart: {{ template "portal.chart" . }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - port: 8080 - targetPort: 8080 - name: http - - port: 8443 - targetPort: 8443 - name: https - - port: 9446 - targetPort: 9446 - name: tssg-enroll - - port: 9447 - targetPort: 9447 - name: tssg-sync - - port: 9448 - targetPort: 9448 - name: tssg-sso - selector: - app: pssg - type: ClusterIP - sessionAffinity: ClientIP \ No newline at end of file diff --git a/charts/portal/values-production.yaml b/charts/portal/values-production.yaml index b7d43340..755e148b 100644 --- a/charts/portal/values-production.yaml +++ b/charts/portal/values-production.yaml @@ -44,7 +44,7 @@ portal: # Please set analytics.replicaCount to a minimum of 2 aggregation: true # Specify a Gateway v9.x license file via set portal.license.value - # This bootstraps a license to apim and pssg + # This bootstraps a license to apim # To renew a license toggle license.secretName and specify your new license with helm upgrade # i.e portal-license becomes portal-license-1 # Note: a license is not required for version 5.0 and above, these fields are ignored. @@ -443,45 +443,6 @@ portalEnterprise: # topologyKey: "kubernetes.io/hostname" additionalEnv: -pssg: - forceRedeploy: false - replicaCount: 2 - image: - pullPolicy: IfNotPresent - pdb: - create: false - maxUnavailable: "" - minAvailable: "" - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 2 - maxUnavailable: 2 - # ref:https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - podSecurityContext: {} - # ref:https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - containerSecurityContext: {} - resources: - requests: - cpu: 100m - memory: 4096Mi - limits: - cpu: 2000m - memory: 6144Mi -# nodeSelector: {} -# tolerations: [] -# affinity: -# podAntiAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# - labelSelector: -# matchExpressions: -# - key: app -# operator: In -# values: -# - pssg -# topologyKey: "kubernetes.io/hostname" - additionalEnv: - tenantProvisioner: forceRedeploy: false replicaCount: 1 @@ -524,7 +485,6 @@ tenantProvisioner: image: dispatcher: dispatcher:5.3 - pssg: pssg:5.3 apim: ingress:5.3 enterprise: portal-enterprise:5.3 data: portal-data:5.3 diff --git a/charts/portal/values.yaml b/charts/portal/values.yaml index 12810cf1..a9198263 100644 --- a/charts/portal/values.yaml +++ b/charts/portal/values.yaml @@ -46,7 +46,7 @@ portal: # Please set analytics.replicaCount to a minimum of 2 aggregation: false # Specify a Gateway v9.x license file via set portal.license.value - # This bootstraps a license to apim and pssg + # This bootstraps a license to apim # To renew a license toggle license.secretName and specify your new license with helm upgrade # i.e portal-license becomes portal-license-1 # Note: a license is not required for version 5.0 and above, these fields are ignored. @@ -391,36 +391,6 @@ portalEnterprise: # affinity: {} additionalEnv: -pssg: - forceRedeploy: false - replicaCount: 1 - image: - pullPolicy: IfNotPresent - pdb: - create: false - maxUnavailable: "" - minAvailable: "" - strategy: - type: RollingUpdate - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - # ref:https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod - podSecurityContext: {} - # ref:https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container - containerSecurityContext: {} - resources: - requests: {} - # cpu: 100m - # memory: 4096Mi - limits: {} - # cpu: 2000m - # memory: 6144Mi -# nodeSelector: {} -# tolerations: [] -# affinity: {} - additionalEnv: - tenantProvisioner: forceRedeploy: false replicaCount: 1 @@ -454,7 +424,6 @@ tenantProvisioner: image: dispatcher: dispatcher:5.3 - pssg: pssg:5.3 apim: ingress:5.3 enterprise: portal-enterprise:5.3 data: portal-data:5.3 From 6cab92b74748771aa464cc188c7e310720bcfbed Mon Sep 17 00:00:00 2001 From: ksaladi <69457674+ksaladi@users.noreply.github.com> Date: Mon, 14 Oct 2024 21:44:45 +0530 Subject: [PATCH 2/6] Portal update to 5.3.1 release (#334) --- charts/portal/Chart.lock | 2 +- charts/portal/Chart.yaml | 4 +-- charts/portal/README.md | 44 ++++++++++++++------------ charts/portal/charts/druid-1.0.14.tgz | Bin 9453 -> 9452 bytes charts/portal/values-production.yaml | 40 +++++++++++------------ charts/portal/values.yaml | 40 +++++++++++------------ 6 files changed, 66 insertions(+), 64 deletions(-) diff --git a/charts/portal/Chart.lock b/charts/portal/Chart.lock index e6b4fd96..ec265a08 100644 --- a/charts/portal/Chart.lock +++ b/charts/portal/Chart.lock @@ -12,4 +12,4 @@ dependencies: repository: https://kubernetes.github.io/ingress-nginx/ version: 4.10.0 digest: sha256:37372a7aae49609a719e1e1d0f9f9c6ba66b41caaeed4892981db2b50289cda4 -generated: "2024-06-20T19:08:34.36457+05:30" +generated: "2024-10-14T18:34:34.4433706+05:30" diff --git a/charts/portal/Chart.yaml b/charts/portal/Chart.yaml index 67eb4cd8..a7fc7518 100644 --- a/charts/portal/Chart.yaml +++ b/charts/portal/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: "5.3" +appVersion: "5.3.1" description: CA API Developer Portal name: portal -version: 2.4.1 +version: 2.4.2 type: application home: https://github.com/CAAPIM/apim-charts maintainers: diff --git a/charts/portal/README.md b/charts/portal/README.md index fa2fa43a..a15b2201 100644 --- a/charts/portal/README.md +++ b/charts/portal/README.md @@ -3,8 +3,10 @@ The Layer7 API Developer Portal (API Portal) is part of the Layer7 API Managemen ## Introduction This Chart deploys the Layer7 API Developer Portal on a Kubernetes Cluster using the Helm Package Manager. -## 2.4.1 General Updates +## 2.4.2 General Updates +- This new version of the chart supports API Portal 5.3.1 - Removed PSSG container +- Upgrade to 2.4.2 is only supported from 2.3.8 chart version as per the Portal version. ## 2.3.9 General Updates - This new version of the chart supports API Portal 5.3 - Upgrade to 2.3.9 is only supported from 2.3.4 chart version as per the Portal version. @@ -86,7 +88,7 @@ This Chart deploys the Layer7 API Developer Portal on a Kubernetes Cluster using Solutions & Patches](https://techdocs.broadcom.com/us/product-content/recommended-reading/technical-document-index/ca-api-developer-portal-solutions-and-patches.html) page. ### Production -- A dedicated MySQL 8.0.31/8.0.33/8.0.34/8.0.37 server [See TechDocs for more information](https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/5-3/install-configure-and-upgrade/install-portal-on-docker-swarm/configure-an-external-database.html) +- A dedicated MySQL 8.0.31/8.0.33/8.0.34/8.0.37/8.0.39 server [See TechDocs for more information](https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/5-3/install-configure-and-upgrade/install-portal-on-docker-swarm/configure-an-external-database.html) - 3 Worker nodes with at least 4vcpu and 32GB ram - High Availability with analytics - Access to a DNS Server - Signed SSL Server Certificate @@ -634,17 +636,17 @@ Portal Analytics ### Portal Images | Parameter | Description | Default | |-------------------------------------------|----------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| -| `image.dispatcher` | dispatcher image | `dispatcher:5.3` | -| `image.apim` | APIM ingress image | `ingress:5.3` | -| `image.enterprise` | portal-enterprise image | `portal-enterprise:5.3` | -| `image.data` | portal-data image | `portal-data:5.3` | -| `image.tps` | tenant provisioner image | `tenant-provisioning-service:5.3` | -| `image.analytics` | Analytics image | `analytics-server:5.3` | -| `image.authenticator` | Authenticator image | `authenticator:5.3` | -| `image.dbUpgrade` | db upgrade image | `db-upgrade-portal:5.3` | -| `image.rbacUpgrade` | Analytics image, per Portal version | `db-upgrade-rbac:5.3` | -| `image.upgradeVerify` | Upgrade verification image | `upgrade-verify:5.3` | -| `image.tlsManager` | TLS manager image | `tls-automator:5.3` | +| `image.dispatcher` | dispatcher image | `dispatcher:5.3.1` | +| `image.apim` | APIM ingress image | `ingress:5.3.1` | +| `image.enterprise` | portal-enterprise image | `portal-enterprise:5.3.1` | +| `image.data` | portal-data image | `portal-data:5.3.1` | +| `image.tps` | tenant provisioner image | `tenant-provisioning-service:5.3.1` | +| `image.analytics` | Analytics image | `analytics-server:5.3.1` | +| `image.authenticator` | Authenticator image | `authenticator:5.3.1` | +| `image.dbUpgrade` | db upgrade image | `db-upgrade-portal:5.3.1` | +| `image.rbacUpgrade` | Analytics image, per Portal version | `db-upgrade-rbac:5.3.1` | +| `image.upgradeVerify` | Upgrade verification image | `upgrade-verify:5.3.1` | +| `image.tlsManager` | TLS manager image | `tls-automator:5.3.1` | ## Subcharts For Production, use an external MySQL Server. @@ -776,14 +778,14 @@ The following table lists the configured parameters of the Druid Subchart | Parameter | Description | Default | |-----------------------------|---------------------|--------------------------| -| `druid.image.zookeeper ` | Zookeeper image | `zookeeper:5.3` | -| `druid.image.broker` | Broker image | `druid:5.3` | -| `druid.image.coordinator` | Coordinator | `druid:5.3` | -| `druid.image.middlemanager` | Middlemanager image | `druid:5.3` | -| `druid.image.minio` | Minio image | `minio:5.3` | -| `druid.image.historical` | Historical image | `druid:5.3` | -| `druid.image.kafka` | Kafka image | `kafka:5.3` | -| `druid.image.ingestion` | Ingestion image | `ingestion-server:5.3` | +| `druid.image.zookeeper ` | Zookeeper image | `zookeeper:5.3.1` | +| `druid.image.broker` | Broker image | `druid:5.3.1` | +| `druid.image.coordinator` | Coordinator | `druid:5.3.1` | +| `druid.image.middlemanager` | Middlemanager image | `druid:5.3.1` | +| `druid.image.minio` | Minio image | `minio:5.3.1` | +| `druid.image.historical` | Historical image | `druid:5.3.1` | +| `druid.image.kafka` | Kafka image | `kafka:5.3.1` | +| `druid.image.ingestion` | Ingestion image | `ingestion-server:5.3.1` | ## RabbitMQ The following table lists the configured parameters of the Bitnami RabbitMQ Subchart - https://github.com/bitnami/charts/tree/master/bitnami/rabbitmq diff --git a/charts/portal/charts/druid-1.0.14.tgz b/charts/portal/charts/druid-1.0.14.tgz index 89e2614a35fc1a384a77463b033f2b491c35d371..801b865903b07370d838ae33d47ab501ed5769d1 100644 GIT binary patch delta 7216 zcmV-09M9wJN$g3GsDBf+*X{I9y1gINPPf-le*o%pFe4`q6X^b+Zu~8|axWx7$M_w& z*s!e;c=)ODx@IrI`1;}_xVBvaO)$2gxgv&!0UJk+ zg}p>0upq?2qjr04kcD@zX!f#wHm1ee&@q-Rjb_D-B{VDo4Sx%{c+_YC3(}(R;n%P5 zq^k}Z{C_q`8`$<-4Y6$HXp@zLMgTgFX=sr0-*^n_)}dAFH}>87`%hf{AED_X{9Fp4 zK>knqy^bvZgZ`kF|6QbGL3%NP+5^yRYi7(nmq`q0fw2R%1p?=Epd2-h!R^BE1sxa| z=m;Bg3+aH^;C~(g9XY1GLOOsLKrr?0c}9B%$O6&Qq5=Wu=nJ$XggR)qkk`HZfF7Yg&^00CeR^)_Yfn6 za*Gl1oO86a&;6$(KwJ;ej|TZ}nI2-_6CeL-W0LZiHpK|^dg@So`U#`y^h1*N4f@M7 zT>fqbO^l>MF4v$?UmBM9%5N$92z&RsP4)1#i)O}`5zx_N%ket|029rjwxY~ZQdsy5 ze-qUEGJp2=II0iC__OWmBXDBE6>@1O&umviH;9jxu*^}zSi(7COntTO2ZS8tj)Xr4 zib~(zyY>Tp!E{&fP_u1UH!MhO`OVVMbrUV21?P!UOT#kkk^jqowlFZUT|0p8^jel2-QV*&b|Jp!(Z}6u+U;Xfb|Lsor zKxiQTkhb|0xsQg1z*y64&mv%EyIgPq=5O#(!~e_A!nn{}1W7n>kNGT2DRMSw7U+?M z&oO30=aP*pmZ8O;@VCcc>=C;)M;3A+LAsxXmgj;9H4R~W_kdO-{(zVEA5i^*co}f- zX@3uh0J4AtENoN9LSwPv#p<`RJ=fO^Odx+*MN&>xm4N|U6wm^1s9<}T%Jle;=^OC= z?D`EDfAw7ShG+h4m?p3g*Jn#ev;}|xA1m7f3;2lq8USJ|Y&5dByg8s_w3djthK4CC znrVCb)bH*{Zg6i73Hl6IeuE+l-kV4la({rJzb2OM*oH+$pxNXv_{V=ktLPDLK;h9` z!^K}XrroY1ix|)Ze`4DLGs8qwRr}wjpJJov0j+qExkf+yKbVg8;N!>Oy=~7;#48IN z*Zvb}q($cn`r7~hLJvwn+S*0jxrnXV&e#YAoj~`Gz&lmtVz-PWh${YT+cdP*2!CA6 zE^Tt{B8)7;2?eW0p4UZxc?c6c0^gnj{+DRU=92DU_|X?G(^wk0nT~;F>u8Ehq%nm< zGadstn;DitR!nw|8j*-Hwc=|~L7_$U>UQ3CGAh1qRSWA-vOP*vHLhVZ>S5AR@`%h4 z_+xx?$#tiWzW4>GT7)j)li%A8?|)@FG<5!GI2iN>&(-t&_l5n=vXp2Fe{L$@2G3BP zPH}a*C95OOs_{WAyh*PaAJ}iztq<(Hst-EdVj1=`m8iZjIkQR{kH|t8U%U2wz&Xuq zK=T}#a5Y7mZRvOfI$eMK5@U&Mk3=u{;~6we&qcQj7hyWHjX=+D2jm*I9)D#Y__E>HJF|)>1NAwpxbKbmjuN;35VUkmNDyvcUfoWn3i(2|_>Cg_ zuX-|&>_2@~9oF`rU8KnR1Akov3=0!zn%sUvbrv8C1kT18)|!1YU#E?eEdO^4WID*j z3URh(3NDcUVRtC|fBGltNiF}oNZ-D-{{|k7h-6^mNpq z*^U~MFAlVHrW5EUz&Gmx=5A4r8bQ_;(9z7W5NNW|rO>=h&=OuU>wk>Gy^eGR1eD*o z2ZCn3dPJ^k=m>lV#Puu<414TPV>$I^GvflSP3kLT{gC0fz+e-v~^X`#rA%ZZk^~^w~&h;f*cyMD8 zGavnQzhW(NemSLi4S#D6u!FRpm7~VR47kWd5c_SX+05^SdF%0K2H^&%djvcj7||*F z0l!%-O!G*sY|O$&4c>+g8)nMPQLgDtEYSLqRbg~mzJEnt!{*>*lpEewymZ8G?C}~* zI<8@n8EF0&Zv7W-O7!@rtBtzsf28p!bTgG9-xEo@n02*3aDR9%6W${;r@L9MW_GQ_ zhUb6#PF?VwE!UxjK=Z$wpn2DzrSBo05~w{KH9%H{;x_5a z%#qA}K`Gh66JPp&`xXwrrvFE?Wa)6Qqu%65ugf0EPC8!*q*<@d(IEjMJ0=$qve#7raBzK3D=t`dP8GrgR;NU-^GlR-LQ*Q>n$eglG zK>yT%ZN>b{yfQ%-OY#~opWuminbZfOJ341}^A-HLt=SIUGR|{`nL_s#3eA%`cQrvX z!1WNMEp%JMO5n(65FZb>k=52<3t0rYj%#4l!uE`OhAwI|-||U|dEl5MVu>u$rvK`} zzSVbXw|@sMRap?)>FM=~_-1~{dUbVhtE+wQnqE(m_y62~<^O7N8}_ESup;~4uq)%g zPP&6mz5m}uis3&yM~w%=(nsKo_4`NY95t4RKspyN6FqnR#Rdm+^3eTCV8n-x6J+5J z*luM+=j~vaN&6TjoDuyUGRqv-9zl);at*@Z6n|ot0QW+3h0IPTH@{z;P3|toA15M5 z|M%+Zx5?ysa&!0V)%2DV@)c<4nO6cwr~l!o%=OhxRv9|IfbZZh&n7{+v#ZP7@x|rj z=I+DQ`@0X5-zOhpg*jJB;3We)S8e(7@96hi0EHIH|H+9Y|HHwsU(5e4Qhc574@cVV z{(l~q4r5VAILwvTj#S09t)Cm%^%y|>7f+ufA}NhL?GRHaj(&gCzz)(_UTK*nu(mX; z@gp=$cy9)BCO%3Nu#95y6?x7V;g?Sql)o8!nEBPTqVezIzzfNnh{4W2h>a#S+qZ9F z;f?!0U;cdy!-hJbNd5;s+5Ughujl{Wq<{4J-=9x&X8(hm_Cvj)nI0y{y|^BMOWQ&L z(1PiQTN=+04qMDw3YA}UoDBTQRx9H0llnQ0)4TwL$FcZ*Yj z{1Zsf%ri0CH-HmOUhBg1ha&WDye+(^g0R-$Cy3jNc zJ6RG8hoBPT5TnVAS14s@$#&}4xqlMDdJ8SfChS0yNRAjwgb7?atn!xqS=zj%^>x?- zAOh(No+L&|asj0|w-o6U$z^8%MH6cg&M&kGvHuB|W@fSPz%ncySp;;tIrYi;Ln@P>Ri3<&GF23eii7C~Q#Pz1-{NN* z7%v~;P-PnFy&YCAyO}HYdnUz<1}_)^TV$|^ViAL}Q32SojmN*c_HraXYx#)ikI=b6 zvr*i!mT6iHQYzFv{M;8oDSrn^vzJRq*D?RXi#MQcJEW}}aBkU{7+QOQph*^Y+5%}0 z3SRs>UOE>;AEXQ{eULJs^I^ZFL+FE)cGO_E)eX-u?4-WY7A;DxNW)x9do-TXB{xKs zOM@~(o975=RJhWhPsgc5N0NoCp~~WKqDqH*(-Z|M5^82^WEc6Ts5ZDV9Gjov3WqZ$ za+ik1=ECbFMyORB{+vyE@vqcRR0s`pQ zlUxrt0lKr551Isj)cXAYPSQH~zi4D|%u+52P|my;UqA*HFpan0#()29eD}-E)o+uV z=?FZ)*#jKCQ{S<`!~C(2`-|?7x%z!_^Wo~|JP9Jq2{0KJN}vc6Q3vD@eOEW<7nkGP zs}$5?&IiSERlm7y?BezK=Jw+D;_CA5?CR6yZG7?zyG8MTHID;b!rUc+%Yn7}&E)#S z#o0KE3hO!9SJ8ZZ!77s>9_34&Gow|mALnvMfkh7`vgW?E^z)@M^FMc)(LL3(#Q!=O zsGsfKvW<09^4=xG!A7FH_H@?bs0> z#h{GrMJhahAgWLbI-o2w3E*QtRRYGAL}$(0XWq z^zxf?v$5+vm(+`a0+e^;X9+Uc*qt9zuH?;++P|VRKenmamYci;(b|aTuQb zI`GFc2mS~i9Bl*WkYjO+=oCc(Nf3FaP$1B8UQ&F2jBVfmHm~w-Z(GZpo7VGHrLm>#v>pv&{L=g#Sma{Xe@&@eQ%CyLjf~pW&C%3`)6& zKjS=BIr~{yGWY1GRJ!8H&l08AJNTL0AXPd3SxWvlx%=UVGUq=}1_}Rf_oSBpU8KtQ zKjf@`A`jI1d$>12?7Q$n>|DB}j=f7W&-zQu`h1R3iBJvqXuaF@Q@A3hET<_F(9Kgk&MuFYVt}ZVpXAB#Y9S-j4 zX_WSwDhAFkr#e3WeR6YqF`aODSUN*OrVkg>+sP#ZpIv_#UtHc!{&72Mw?hmXFHn@r zN2*<%-<@53{5ZZm9|5E-Z15xHfwBO;0~bAl??CeiXz8HYYJ%1bbPnfgsygi;<>~)_ zP3=BGDqR1`_y2W$t{&@>k&#;wDS~{ zT+hbiH&`XZPRW!f|C{dnf>b2`{S(Rl+c{Bt_5N=ssrvpel-@&H_En7f6)yZhxEXxs zZ~Ed}LH;ytbI0ns@7~)y<;wp?QNN;pR3QJulR-lMPX_hdRLI z`v~|I_ChSySNJp)$D4X;=IAgYd~sH zH{)VsbZjP>7lYJ&{-9kgc{<@~GjJ~>7Dwdf!g_f}J=;lN6f8VZryTgmMT%{5X5`{qFl1l zfRurUDWJo5-RN~jNS&A(OAlBhN8Hh1Y`bOJa~y9vKU@x78fE5u1t>@!-DbT=E*Z^T z2XTo7aS5iwY9t9^$sI@-1-hI?^q0!S+DJgM^RM03nG=zlfXQD#`zvc#wSg z@2F~5p8tEDVYin5U8D{0e;+SG5rBikgT!b2ec(b;G?jo4NxV(PiNtGhn0S$t(f1m0 zBhrAXh#$!)y)JMfPHtU1Ne-3mFt#4PB%8)|xY`)wQAqB^;7-a%h)b1nurY!pMz&Ij zILUThElgaz@D{_cl_Xq;i;L1>+?jS5@#3B*VBFdP(Xw2SK{|lTf8SnQ5VMyQz^vpI zUGHLrHn|Kd<_X;GeOS3O#CieSvS?INuCE4p1YZ2TT1D!x^3_`VHcQlLM=5FlvkaU6 z+*SM!wU;>mH9YCn_Wzxv_3&TO=*Y7BS%$qAdtWBri!rqC);_$HC;yw?`x2xA`+rv* zbma4&!+vf5-$_a=e=h0nPBU#!pK?@C!u4P6mY7fz9Fmd%2j~=FyXu#87mS+Y8=#fh z;2xN8WUOoV4+qxkwD+^IQrXTQE49ACnvz-HuAeBq86)f3@#V7XauFQy&=yGdOyo+& zu-NnT!y!`1oQ-aQ6w-muzu(R?FjXtp#YJ!yN`WqEa5dq8drS;SpAwqX$kFL-+a|EmD^lKLy+$(PTG zrL*F!PXA7|j3-SdNxA*%xoE$&Wh`t^g}H|JTY)d<+%2rNFx{eW?g0DJ=fF5 zDfNtT#Yg0)f13{(HBER!Hh-FFMO}BaNJ^~b;kX|U#E(uk+lXjw%|%pQ8_>i}IkStP zer1`f5r|Oq`E^P+C;NBB6XGPT=h6XDRh8Ttwae*HuPEAdkiNgVdjDZ^H@+5bAHJEK zPcCmS#vi7sO_4Ha+j9-yJ)o8HC$_C-nK4>=>TFdkf5#8U{)SeWRUZE_6~@Hf#WUaL zRJp_9XFLunagn%?X|2W#xz24Ae~cZjJj2hJ`%uF6Dc?HD=XqX6swUqflBfuGV)%9? z?pJJ6I*EKtlcp(Kxv2AqO1(LZs@EQ z%dT&Fe{0f@tk~PKZJOF{J#~|Y8*bciy~6d_y1veM*_Y_!l)aNhOD3)y) zL`L>)sI1eoq&)lo9^*fE`<>eUzl$WF|D&ql`Op3NwklDD6`b=6_^NikFQ-(&xxTPu z<@0>GCD%R2#~N%G@t;Nc-}K(EAQi}ex6_sVe}BW1e(nF?NveGRS9Ik?>bl|SiLFAD z{*(nWmkM6A7qo^97}te;`<681(u(uF^W8(ZPm~QPSsPoSV0bYY zUvi1&$y91CwDhs*Ea0WL1RXV5-q#UXJoC;<@EqAo@;Bqc3G^xZ56e+Bx6-~J?t`ftt2_tC>$YmrdUW$==pYS46 z{`|k2`yYm#1pbFE3F`TO2Wg%2{|AWZsdnB!xn55OX$!1p>3M@Z@!KM}7brbAfZsBQ z78D>?{&#Z!Lq{F<_82H zrh*?e#a|ODrmaDfAMb<&HieJ1LMWH$Ve=tf;-i)(IIg*3nG^6+j!ygz42%2>e>yQ& zV+)jlf%#!lV?lyj-&93WdQW0oh?L{Dm^Ho@wojau6` zLTRLp&um;$I>x3PCMgR&lZDSIe}SrzgC68wvQqvYl~f#(DmHy43@N>VvLQ%S07&T# zc(~0}aI*^+rBXM$i1X)xK#2BrK}$xf)fcqHE@%lBKcX*XC-xuN{^##RTaa%>6A#ug z1QyxiD0SCI1`ZfC}XQq}!M8|LF`ngIfM~f05`=vuqu4XJx7o zB;A>t;(-oYg@A*@1w~!4U2Kp5^@%lkD%>YyJgmJ~sfH6;4+bO+q}K=q+GPN$%mr~( zBvMMrb>TM=sdW)a85A~WXgy?7dil+{*%%d+OR7dGr8o=|>IZBLk_kyxip>^vUB%l- zqJmqz;iCl6*LMp^e;VRKLRNG;Z#(%J-oAaCo1rIV$c{r5U0pw&-26Vd$%tDNe=4j~ z47xt?EMl1A@-Yq6;@{}~?Hho)P78Lx)6;3RxuA;`BT+IdE=`jE>#LjFbml>mwrIKG zy?NWr574F}G|NJ;OJO?7xZopF7<_r}qEuBprimNChsx|nY->~LyfQw8> zj7P+DL*M~%NJ__ITQ-NOg^i!9lHwo9jozx_X2f9`ka8n%bQ#rcGC;YXf5YAA+| zVB0U`+J7E3lt--DI%*%5Z<@>h&18K3aiT2sXZc2<{CB&O{C9@EUM>H-NXN(E7uSZm zW-r0``r;$FX1h=@wxGEphK9k}0=nd=!35upHmCm90|T-^VIc=<3k1&Tm=Y*V3Dh2x zqlQo9f3snlfG(I^aF4(expSlg!y-0=3gc0`JvYe0yH_-O**+UnuG-KsmMv!P#gxwR zG5Cbx9Dx=fl%#{4VA-^M(*O|Uvy`*HKX;&mt)%q`4&q>@~`&g y_z%57=cJbZT_grP_C2Q2f$#91xR*AZ>r|&Y)u~P;)Bg_u0RR7EB>Z0hbO8YUOjL>h delta 7217 zcmV-19M0qHN$p9HsDEK^p!U>3fB1vi>GnGPAAtHC%*e^Z1iC+{8-Gi#+zUz2F@8rb zHf(DI9=i?bIN`tDw~DHC8al$7YdC~G`^B}PuGvd4zP|Vfu5Fh<6O1iru85&wz{XKy zVK31LEC_M%sNJ3$WZ~T_n!RkFjcKtqbc|(7qgiod2@Q)t!+%099yMCPg0$#+`1LD1 z>8gVU|DO%g2DUv{Lo8c4+GORR5rB?k8XBbhHy(q!b!gT4jeWQN{u7t~M`(HoKbHb1 zkpGi@uOrLN@>LOLKexPM1LM~-Q)kPaXQ5KO&$p3$BGvOu)7s6fCudPJt}AlKIM@J0+9G2?_IW{(k?XE^ZgH+(#?4@U#Q>3|wjKIDBl@@(VUmnx%W6IwQ zdM2UVE?4+36JSJ$Va+js_x2-t1GELS<_H)w+71@d=zmL^8(IK;A;`6$33N!{J;X?% z++svL=Nv8VbN}fG5Z6QWqd~q~ria+~#K*tdn4~_~N!rr}ZQ$2j`qM7k!1a$P+a{LYfz(jMXtthjU6c#?i z-vsr(jDNj7j_Lz3{%pJY2%MO3g5$D%c*TGClrd`Ubo| zyM6=4Up*JS;h8@hrU@*>_1O{~^*exRoqKg08HVthx0)H2? zOPgG~2qTMdLcyw$=XKFv9>N5Vz_+J>|0Pu6_cH#MkJz4t@s*LP-s!Tx}CS3jEb*Y)xtWIY>yIEjceG9dYE*SJR)-h z{utj}a^0z;FMa{47NJY{H$?Ax+YJ3n2Z_;bV2liWa>jOKl>Vr&a9HgBeD?2*RFjZa85HD z&^$*bTuqT?TRI+rPS+p5#8@KRBhd@~cm@sAbJ6X>MVQWPBhd5P0l9{)M}OG|zHE3* z>kIk)MuoajilKKq;%84IzPr5_<)6B& zBnLsMWU-DiDA`PWJ-P$Q&aC3eKz+_C?t5dtqr~k$1T7sC5`^2ASGSX?LcWkKexu0# ztDX!b`%ho(bZh(1E>dLufqyOnhJ^_V!TIt!2m0%zk4Yt6oyuhYg!mjAm2G9Bb% zg*aO?1sBNwusf9fKmC(Vua^H^q;KEae*=%kas)6U%mP4G4mw@ZX3-XC1pd~3dOB** zY)6gB7YAB8(+PAF;G1;;bGIl*jUa0a=xAnG2sGK~QfS^LXbCTwb$>?TUPrnD0?O~) z13|N1JtEgNbOgQw;(C?_hCTMDv7CCdnehcQTLLv?>HMF7$unlm0xxBd$^C3^hR)kamrGrLw| z!}Gs=r!M%;mg`VMp!wfT(7bC_7P6pPV2b$aK(-cg8L?gV()SQg3Dh2r8X&7eahvpI z=1Atgpp@+3i7)-XeG7+Q)BmGcvUE6DQob86qHudT=Mcod`jcU4rl+S!rt)(ZIV-_J z8s%hta>$@QY_hLXoJ2uq0ba--zv1^IazclQ z*?*jkP7|FPcVb0MMU0`PLssC&S&Uvla|R6)G_SdW_A4sWG%O%E%9{zk63oWx$K>;l z%IA->u&#nUwzxdD5>zcc-X#A28FI;blDk7nbS2OD41awYaPS||nL%ZrsW*dOWKP*8 zpnvMXwqpKeUYVeaC3%gPPw>RMOzH#C9i20~`3nBr)@+Av8Rt2}Ord)Vh2}|}yPBXG z;Ccws7P_rrC2-_3h>wTc$ZBh_g)D+x$2Bl&VS7eCLl?D~Z~3IfJaEhru|yVW(|`3~ z-|9QH+kbu3gDZbA4ha>HF ze}9ilhq0(59OlYvN2=o5*3S*>dJG``i>J>Kk(5TBc8DnyN54O6U#h+Z2v#$*Yp2wQh)mV@6V?>v;V@Ob-*}UR;mBrEQ@A zXu`s&BhKf-wXtb$yHsbmu5QqWMoH5tS;75vDCT4$uSO%ruZiF0S|8yTz$M z{s|;#=9w66ayqQY|EG5Pary76y;}ZvlSKK4j)R4ned>4qG%=$ev?2(sS}r@t@qgn3 zTD<{3K0*^D?Tk>@87K>ye7Y6Nvx4C1X#|?|A6owDshPCfmHC>#8rZ_uLM2yq$q)j{ zFQu;Y(OWoe`642_d}cjIhXhTD3kjMB_-%g9?#4Dv!`a0|Z z5P|dsPZFafxq#A~TZ;6FqKUN#=NDRp*#Cq}Gqc!tU>TN+ocd&aUPQ+U znI+I%CL6Kh8?r)d6Y6C6J->QsUQK(vp*&#?A70NVRf{FOKKJfG;WMbv~#*5UVK=WFFm^PDY zjF*pas4|W8-VQ65-OLsHJ(FTagBOf|Eiza{v53Lgr~vHP#^c{zdpQ!HwR}YMN9f$3 z*(mN<%QP(pDHZA-e(sB)lz)Sy*~=xQ>zIGx#T(GJ9n#hfIJay}46VID&?JjHZGp50 z1uy;`FP)2_4^jq}K1dnR`LJKoA@o5?J8H1o>V{_+c2eJHix#C;q+zb5JsMBxk{hDR zr9l~?&2xk_DqLyMr{h$jBgsP6P-XEqQKiGZX^Mgr2{p4dvWxsvR5n~0j?K?-g~J&W zxl6-hbK!dzYUn!NVZ#@*XQ|WnlDz*Hj&+HDZ{!Iq*#GysUCI8}?eqpGvqcRR0sU`n5A44pqzOxzJLrYU>a|~jsO1J`0kgRtKTL! z(-C-pvj;eOr@mu>hxub4_ZQtEbM^b==EK#^c@jjJ6JRndlt2+Cq7KL*`mS!yFD}Qo zS1G8)oDYiSs(y3Z*v0Gd&F#hQ#nt8A+101Z+xX-cc8lVFYaR!>gtkC%Jj$0kXGW`BKhEWj0*f9>WX*kR>E}yj=6~)oqkF1niT`yn zRAv8vr{AsT|DB{9|NnW|?WI-$2R!|QgM$J@Q`}aO0Hyrz0J!3#a9_BDU#6Z*+p!}& zia{CKi&S`jKvba=bU;~zLfT+i4-Ak#>|P@zKp06C5dkSB*Y$Qsq}Ig)WKh_gq4m%J z>E$=)W@FcTE~ys-1t{;x&k|&?u{%GcT*;dswSPrter!{-EjM`yqO~hON(T`$<1jq= zb>NR@4*U^3INAo#A;;nt(J6`ok|6R-p+KPHyrlSl7~8-BY+mKv-nN!GH?8NZPAgwo zt(Wq;zf=3&j78Q<^y~KaZYL;X|Jm&HXPNV#3IC5;`+s(m;u~UNck#@}Kf^Dj8I*Dl zf5v&Na`v;ZWbV;VsdUAYpCwAKckna0L8@~6vy}XAa`(dzWzK(|3=;m|Uayw_U8KtQ zKjf@`A`jI1d$>12?7Q~@gF+F zVLkuvCar`25=Te6^s^j$5%~@6N71ejHz(j{wpZHu#b9Kv@9afr}o&cc6I$v~0zI)`&LRh@Q_^7Q|I zrgono6|Vo}`~Nz_&Y)B4|6QcG{fA>FpWF5m>OOHg$+h`Jd{wdcf6%U$Je}~g8Mv1biz9M#VZFSg@*%ycL!=Z?w){}3j*{Jf6vX?i z5Z*MTR}uu73xP~GIrFp?xS|FR9HN*FP)w;}^$M1OBj(mFw{E#LOO>c}2x2|}Q7&0& zK+3?w6wu+jZuB}Mq)tqYr3b8$BkpK0w%s!AIgU4-A1;S3jWTn-0u&^VZnIt_myG7F zgSfZ&KRxfp^0f89>M#{cdn z#m(sPY4^EtAc@ss+VV0N7n0<+3O=M%>0F#h3WbVzk&+bF!;MG{oQ5B%BLC~+L5k#m zFqHBC-R_B6%l|G?b^J#{Y7cSSSNRsWcOB^#xL|uA;z7d4X@HPKrC-ENaFyhLO*}}x z{C8BfE6@ME&Tv@E|1Q!7fB26Vp$Ndi;X&dv{yuOaDVj>aha}#n;zZ)LI83}q%IJHI zxDjbURm6{ElwKD&5hu4Uo+O9Lb{Ja^Uy@B@J6vsy@hBwsVsIzrBgCajIoKFM5+hqF zM4V*1t`;UPUU-XP*h&(v!^K7EFz!q{jCgU+6EJS=fM{7R$RHiSf8}p4E{NGn3Sd_9 zimrFDLYrKM74rn{_CBoK8DhPFZCNxbDc4tnJOVHNUacZ^SovzLeVZlfw4;=?|5=93 zf9@*&huTY={~Dh3Yy1CB(t7x>Xmn)R{Vc=Yi@h%s@5LC}cWWPB%9H<1?|lhUf&IU$ z4m$Gr&tbo||L-Ive-@W?cc+=Qr%yR5DB=3Ac1ujC2@Xj~fCF?2uwC^_x(i0l@eR<* zY;X@uI5O6?`-cPTb=v#cSgCC1kCj^AU`@%aZ`V(h-i(oT?f7!pb-4(RcxVfxdnR%v zV_58Y`r#0%WX?vnzzQymd9VfRw`JHBt=_av)2!X`I}lR4e-ZcQkf6_Sr67xH7ukjz zS*t*^eQ#K8ylB1=Gc;QolAg3Z?6SPNtvw*Og)HK(9NVynf)~8Kfd5s1drAEj@#M?r z#L`)DR;PcbTE>$mlcd~!^<1>y+AnuS!^!>FxZ)%7f78u}jG89AA)7zVw4$y%S|lab@^IXb2jWL3n{7n2w&o(Lt_^77rkvSD zP`|Rw)d)l=`usYjo0I*!;t6q*)^q8AsH#eCjoRgOs8xf@>#w-4V; z&L@|*7vm4p)TT%owC%Zu?;g-f`4ih#v&2;S~PUSyG<;e~yZu3J|KCND&;LM!V1p$1$+~_<6{lBi}=r?{BL^iSC9(izuW1`fBwJW$)NWC?<7^e|0}xkB6Z#H^u$)7 zNq@=$nM(yP+6&u$7y-vcEyKbDnr4BHIE?GUzI{s?a%si+-udn!+$YKgl&p=dP%yk0 zj4!!F^JFSD7h3w*bQbW^TY`?7Ebr@xES`C1C3uePCHb52ay(1aVm$Zrc&=ic5p5_b ze@qMI<{I7m{tvb-`O~fZZ)ccSDw`ak6)(j|y-#?N zDS!Uo&HWFDKH2ouqZn{~sWtr`mb{UZC{g0Dj9H zT2O#o`QOR?4;^*bljA?CYOj|6og{w^e_`2V0}Nnsq<{ld8Q?zw1XvYtCq)AApH@Tp z9mL818Ua`%0C$1_3>F0&pWM$N^I}fyKmSb;ROdlmcM--^Z91-D5zzFTt{I;Qumd#& znhJi@6n{;qn6?H@e!LSB*c3k23ZY!0hs}p{iH};E;JD_BWlq3PIXdw>Ff8&jf9S+q zjV(|H2IhxJjRgsAeNz=h={<>UAySUpV%GRt*gkQZ5*8p8bh>rO>6(C3k@K|E4codF zqk!D2y0Sw$)>;P5mW_QWK)!5(dnrV*mBX;@oA)%n*19-FKC8!567QIecFe^(R={a& z38j%XKC^L2=@^@Gn4~Q9Ocp+;e*~&V4tkJ#$x8WqR8nzBs@U|IFr@Sb%7!3S0U)I} z;Ndn?!ObpQluF&~BF>)&0wLPh1uYq^R$tH(yPzdl{D{7ko!Eb5`=7rPZ9%>jO*~k~ z5LjgYKT#9$zlWXr{O?YZFHX?X!|@q6Mg&NppF|U3AUFxL#m@;-VZy24f9K8s7gVu~ zSiwFoX$R!nKb|dVbWAZZT9VCW*ZvDZ;kPmyW9FHr$mkYyg)IN!#Wm4i8^-}DlK);$ zmF@q7PL2QBNm?iVhdeUUg)Gdq7lGP$yS|iEM*cU&0T<5yiTK~D+O6;Z*hz{zM}%w3 zo*4ri(+;v)$;AT4d8~p5e=aPUiwTxWSHuOED7_vwSZK&~@WEx|e^VS#vHTBZ`9JCO zYx&Pr7~i{-4gU+o|P$e;0`kHOtl!cUGnf zLDHSMDIVycRR}mZTu{^%+r3i+m1;Pl^$G48JUyL8n+v*FF%l)S;?gAfzrMP;O=li7X^WN{ z-s^=HNh@D@WaPwCODK|b^Z`ggAVmAPSBXUcxj|8q7a*ixf98BhJ+y3 z!hqO-4*~Fbfh=(E8K!PnbKpSj0nQOtjvB|{c41(EJ%?LH@dBA9pjw0P`3-CS2Dr$C z#CSvuD=0jNf0j-uSZL0aJNU_Q(aiXQbnw|A3-Et_R=|~Iu7GW^qLe8>6@Y12NI7aK z=hM3>v0X%ooY~8zZGqpu^T%1oR7k=c~qlRMW z2)6w~uKnjxLwUrSt)uo~`KG!2-%Q5mA1BIEf0l0)%73>j$$w|qJE`S=7wPyI{NmbB z*X$)2UtfF#*K8LG#uhYJ#LzG}TR@i_HJISL(dN|OdSE~nC@kbaZGpf!9a92@DS_I9 za@6pNe|$Df6VL^d3+@qEB6p5-U|7UvP+>f3x90{~c=w8CFWYBh%2gXW#*`EqOU%DNdDEn z9RHy===N&)-$i1;W8Y&M9rzCKiF;|oxlVPeQ=RHmGX4Jm00960Vu#e)0CWKWq-IyH diff --git a/charts/portal/values-production.yaml b/charts/portal/values-production.yaml index 755e148b..8cbef5a2 100644 --- a/charts/portal/values-production.yaml +++ b/charts/portal/values-production.yaml @@ -484,17 +484,17 @@ tenantProvisioner: additionalEnv: image: - dispatcher: dispatcher:5.3 - apim: ingress:5.3 - enterprise: portal-enterprise:5.3 - data: portal-data:5.3 - tps: tenant-provisioning-service:5.3 - analytics: analytics-server:5.3 - authenticator: authenticator:5.3 - dbUpgrade: db-upgrade-portal:5.3 - rbacUpgrade: db-upgrade-rbac:5.3 - upgradeVerify: upgrade-verify:5.3 - tlsManager: tls-automator:5.3 + dispatcher: dispatcher:5.3.1 + apim: ingress:5.3.1 + enterprise: portal-enterprise:5.3.1 + data: portal-data:5.3.1 + tps: tenant-provisioning-service:5.3.1 + analytics: analytics-server:5.3.1 + authenticator: authenticator:5.3.1 + dbUpgrade: db-upgrade-portal:5.3.1 + rbacUpgrade: db-upgrade-rbac:5.3.1 + upgradeVerify: upgrade-verify:5.3.1 + tlsManager: tls-automator:5.3.1 ## ## Subchart Configuration @@ -795,14 +795,14 @@ druid: # topologyKey: kubernetes.io/hostname image: - zookeeper: zookeeper:5.3 - broker: druid:5.3 - coordinator: druid:5.3 - middlemanager: druid:5.3 - minio: minio:5.3 - historical: druid:5.3 - kafka: kafka:5.3 - ingestion: ingestion-server:5.3 + zookeeper: zookeeper:5.3.1 + broker: druid:5.3.1 + coordinator: druid:5.3.1 + middlemanager: druid:5.3.1 + minio: minio:5.3.1 + historical: druid:5.3.1 + kafka: kafka:5.3.1 + ingestion: ingestion-server:5.3.1 # Settings for RabbitMQ - https://github.com/bitnami/charts/tree/master/bitnami/rabbitmq rabbitmq: @@ -812,7 +812,7 @@ rabbitmq: image: registry: caapim repository: message-broker - tag: "5.3" + tag: "5.3.1" pullSecrets: - broadcom-apim pdb: diff --git a/charts/portal/values.yaml b/charts/portal/values.yaml index a9198263..daf54300 100644 --- a/charts/portal/values.yaml +++ b/charts/portal/values.yaml @@ -423,17 +423,17 @@ tenantProvisioner: additionalEnv: image: - dispatcher: dispatcher:5.3 - apim: ingress:5.3 - enterprise: portal-enterprise:5.3 - data: portal-data:5.3 - tps: tenant-provisioning-service:5.3 - analytics: analytics-server:5.3 - authenticator: authenticator:5.3 - dbUpgrade: db-upgrade-portal:5.3 - rbacUpgrade: db-upgrade-rbac:5.3 - upgradeVerify: upgrade-verify:5.3 - tlsManager: tls-automator:5.3 + dispatcher: dispatcher:5.3.1 + apim: ingress:5.3.1 + enterprise: portal-enterprise:5.3.1 + data: portal-data:5.3.1 + tps: tenant-provisioning-service:5.3.1 + analytics: analytics-server:5.3.1 + authenticator: authenticator:5.3.1 + dbUpgrade: db-upgrade-portal:5.3.1 + rbacUpgrade: db-upgrade-rbac:5.3.1 + upgradeVerify: upgrade-verify:5.3.1 + tlsManager: tls-automator:5.3.1 ## ## Subchart Configuration @@ -660,14 +660,14 @@ druid: # affinity: {} image: - zookeeper: zookeeper:5.3 - broker: druid:5.3 - coordinator: druid:5.3 - middlemanager: druid:5.3 - minio: minio:5.3 - historical: druid:5.3 - kafka: kafka:5.3 - ingestion: ingestion-server:5.3 + zookeeper: zookeeper:5.3.1 + broker: druid:5.3.1 + coordinator: druid:5.3.1 + middlemanager: druid:5.3.1 + minio: minio:5.3.1 + historical: druid:5.3.1 + kafka: kafka:5.3.1 + ingestion: ingestion-server:5.3.1 # Settings for RabbitMQ - https://github.com/bitnami/charts/tree/master/bitnami/rabbitmq rabbitmq: @@ -677,7 +677,7 @@ rabbitmq: image: registry: caapim repository: message-broker - tag: "5.3" + tag: "5.3.1" pullSecrets: - broadcom-apim pdb: From 3ab479c87301be15677a81c1a708a0bdf884d783 Mon Sep 17 00:00:00 2001 From: sm895441 <125248373+sm895441@users.noreply.github.com> Date: Wed, 30 Oct 2024 15:31:38 +0530 Subject: [PATCH 3/6] Update version to 2.4.0 in Chart.yaml --- charts/portal/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/portal/Chart.yaml b/charts/portal/Chart.yaml index a7fc7518..064eb8d8 100644 --- a/charts/portal/Chart.yaml +++ b/charts/portal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "5.3.1" description: CA API Developer Portal name: portal -version: 2.4.2 +version: 2.4.0 type: application home: https://github.com/CAAPIM/apim-charts maintainers: From b3370ecdd6e34d1ac1b4df660e2054ce6d823e41 Mon Sep 17 00:00:00 2001 From: sm895441 <125248373+sm895441@users.noreply.github.com> Date: Wed, 30 Oct 2024 15:37:19 +0530 Subject: [PATCH 4/6] Update chart version to 2.4.0 in README.md --- charts/portal/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/portal/README.md b/charts/portal/README.md index a15b2201..92fc64f5 100644 --- a/charts/portal/README.md +++ b/charts/portal/README.md @@ -3,10 +3,10 @@ The Layer7 API Developer Portal (API Portal) is part of the Layer7 API Managemen ## Introduction This Chart deploys the Layer7 API Developer Portal on a Kubernetes Cluster using the Helm Package Manager. -## 2.4.2 General Updates +## 2.4.0 General Updates - This new version of the chart supports API Portal 5.3.1 - Removed PSSG container -- Upgrade to 2.4.2 is only supported from 2.3.8 chart version as per the Portal version. +- Upgrade to 2.4.0 is only supported from 2.3.9 chart version as per the Portal version. ## 2.3.9 General Updates - This new version of the chart supports API Portal 5.3 - Upgrade to 2.3.9 is only supported from 2.3.4 chart version as per the Portal version. From 80c5b72f55ba561aa6633ff08fbdb58413a67758 Mon Sep 17 00:00:00 2001 From: sm895441 <125248373+sm895441@users.noreply.github.com> Date: Wed, 30 Oct 2024 15:57:32 +0530 Subject: [PATCH 5/6] Update chart version to 2.3.10 in README.md --- charts/portal/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/portal/README.md b/charts/portal/README.md index 92fc64f5..b60f8e0d 100644 --- a/charts/portal/README.md +++ b/charts/portal/README.md @@ -3,10 +3,10 @@ The Layer7 API Developer Portal (API Portal) is part of the Layer7 API Managemen ## Introduction This Chart deploys the Layer7 API Developer Portal on a Kubernetes Cluster using the Helm Package Manager. -## 2.4.0 General Updates +## 2.3.10 General Updates - This new version of the chart supports API Portal 5.3.1 - Removed PSSG container -- Upgrade to 2.4.0 is only supported from 2.3.9 chart version as per the Portal version. +- Upgrade to 2.3.10 is only supported from 2.3.8 chart version as per the Portal version. ## 2.3.9 General Updates - This new version of the chart supports API Portal 5.3 - Upgrade to 2.3.9 is only supported from 2.3.4 chart version as per the Portal version. From abb659b4fe9d3657e137bee278f1e181456726a5 Mon Sep 17 00:00:00 2001 From: sm895441 <125248373+sm895441@users.noreply.github.com> Date: Wed, 30 Oct 2024 15:58:08 +0530 Subject: [PATCH 6/6] Update chart version to 2.3.10 in Chart.yaml --- charts/portal/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/portal/Chart.yaml b/charts/portal/Chart.yaml index 064eb8d8..438ce094 100644 --- a/charts/portal/Chart.yaml +++ b/charts/portal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "5.3.1" description: CA API Developer Portal name: portal -version: 2.4.0 +version: 2.3.10 type: application home: https://github.com/CAAPIM/apim-charts maintainers: