From 95d78e999ed05423f98b5d98877ed700f1199f3b Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Fri, 19 Jul 2024 13:10:10 +0200 Subject: [PATCH 1/7] Allow config of http URLs in management-portal --- charts/management-portal/Chart.yaml | 2 +- charts/management-portal/README.md | 11 ++++++----- .../management-portal/templates/deployment.yaml | 9 +++++---- charts/management-portal/templates/ingress.yaml | 2 +- charts/management-portal/values.yaml | 15 +++++++++------ 5 files changed, 22 insertions(+), 17 deletions(-) diff --git a/charts/management-portal/Chart.yaml b/charts/management-portal/Chart.yaml index 079656c5..4fbdd628 100644 --- a/charts/management-portal/Chart.yaml +++ b/charts/management-portal/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "2.1.1" description: A Helm chart for RADAR-Base Management Portal to manage projects and participants throughout RADAR-base. name: management-portal -version: 1.1.8 +version: 1.2.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/management-portal diff --git a/charts/management-portal/README.md b/charts/management-portal/README.md index caf0bfe0..b6c137cc 100644 --- a/charts/management-portal/README.md +++ b/charts/management-portal/README.md @@ -3,7 +3,7 @@ # management-portal [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/management-portal)](https://artifacthub.io/packages/helm/radar-base/management-portal) -![Version: 1.1.8](https://img.shields.io/badge/Version-1.1.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.1.1](https://img.shields.io/badge/AppVersion-2.1.1-informational?style=flat-square) +![Version: 1.2.0](https://img.shields.io/badge/Version-1.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.1.1](https://img.shields.io/badge/AppVersion-2.1.1-informational?style=flat-square) A Helm chart for RADAR-Base Management Portal to manage projects and participants throughout RADAR-base. @@ -42,11 +42,12 @@ A Helm chart for RADAR-Base Management Portal to manage projects and participant | securityContext | object | `{}` | Configure management-portal containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8080` | Management Portal port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | | ingress.path | string | `"/managementportal"` | Path within the url structure | | ingress.pathType | string | `"ImplementationSpecific"` | Ingress Path type | -| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | +| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be used to implement the Ingress (Kubernetes 1.18+) | | ingress.hosts | list | `["localhost"]` | Hosts to accept requests from | | ingress.tls.secretName | string | `"radar-base-tls-managementportal"` | TLS Secret Name | | resources.limits | object | `{"cpu":2,"memory":"1700Mi"}` | CPU/Memory resource limits | @@ -82,9 +83,9 @@ A Helm chart for RADAR-Base Management Portal to manage projects and participant | server_name | string | `"localhost"` | domain name of the server | | catalogue_server | string | `"catalog-server"` | Hostname of the catalogue-server | | identity_server.admin_email | string | `"admin@example.com"` | The admin email to link to the admin service account. This account should only be used to set up admin-users | -| identity_server.server_url | string | `"https://my.example-domain.net/kratos"` | The publicly accessible server URL for the IDP | -| identity_server.server_admin_url | string | `"http://kratos-admin"` | The admin server URL for the IDP. Only needs to be accessible from inside the cluster where the managementportal resides | -| identity_server.login_url | string | `"https://my.example-domain.net/kratos-ui"` | The login URL for the IDP. Needs to be publicly accessible | +| identity_server.server_url | string | `nil` | The publicly accessible server URL for the IDP; needed when deviating from http(s)://server_name/kratos | +| identity_server.server_admin_url | string | `"http://kratos-admin"` | The admin server URL for the IDP used for service-to-service requests. Only needs to be accessible from inside the cluster where the managementportal resides | +| identity_server.login_url | string | `nil` | The publicly accessible login URL for the IDP; needed when deviating from http(s)://server_name/kratos-ui | | managementportal.catalogue_server_enable_auto_import | bool | `false` | set to true, if automatic source-type import from catalogue server should be enabled | | managementportal.common_privacy_policy_url | string | `"http://info.thehyve.nl/radar-cns-privacy-policy"` | Override with a publicly resolvable url of the privacy-policy url for your set-up. This can be overridden on a project basis as well. | | managementportal.oauth_checking_key_aliases_0 | string | `"radarbase-managementportal-ec"` | Keystore alias to sign JWT tokens from Management Portal | diff --git a/charts/management-portal/templates/deployment.yaml b/charts/management-portal/templates/deployment.yaml index a4815898..c92af4aa 100644 --- a/charts/management-portal/templates/deployment.yaml +++ b/charts/management-portal/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }} apiVersion: apps/v1 kind: Deployment metadata: @@ -70,9 +71,9 @@ spec: - name: MANAGEMENTPORTAL_MAIL_FROM value: {{ .Values.smtp.from }} - name: MANAGEMENTPORTAL_COMMON_BASEURL - value: https://{{ .Values.server_name }} + value: {{ printf "%s://%s" $https .Values.server_name }} - name: MANAGEMENTPORTAL_COMMON_MANAGEMENT_PORTAL_BASE_URL - value: https://{{ .Values.server_name }}/managementportal + value: {{ printf "%s://%s/managementportal" $https .Values.server_name }} - name: MANAGEMENTPORTAL_FRONTEND_CLIENT_SECRET valueFrom: secretKeyRef: @@ -89,9 +90,9 @@ spec: - name: MANAGEMENTPORTAL_IDENTITY_SERVER_ADMIN_EMAIL value: {{ .Values.identity_server.admin_email }} - name: MANAGEMENTPORTAL_IDENTITY_SERVER_SERVER_URL - value: {{ .Values.identity_server.server_url }} + value: {{ default (printf "%s://%s/kratos" $https .Values.server_name) .Values.identity_server.server_url }} - name: MANAGEMENTPORTAL_IDENTITY_SERVER_LOGIN_URL - value: {{ .Values.identity_server.login_url }} + value: {{ default (printf "%s://%s/kratos-ui" $https .Values.server_name) .Values.identity_server.login_url }} - name: MANAGEMENTPORTAL_IDENTITY_SERVER_SERVER_ADMIN_URL value: {{ .Values.identity_server.server_admin_url }} - name: MANAGEMENTPORTAL_COMMON_ADMIN_PASSWORD diff --git a/charts/management-portal/templates/ingress.yaml b/charts/management-portal/templates/ingress.yaml index 0c4b5692..8cf5cc1b 100644 --- a/charts/management-portal/templates/ingress.yaml +++ b/charts/management-portal/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/management-portal/values.yaml b/charts/management-portal/values.yaml index 22c283c1..efb70663 100644 --- a/charts/management-portal/values.yaml +++ b/charts/management-portal/values.yaml @@ -40,6 +40,9 @@ service: # -- Management Portal port port: 8080 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true @@ -52,7 +55,7 @@ ingress: path: "/managementportal" # -- Ingress Path type pathType: ImplementationSpecific - # -- IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + # -- IngressClass that will be used to implement the Ingress (Kubernetes 1.18+) ingressClassName: nginx # -- Hosts to accept requests from hosts: @@ -268,12 +271,12 @@ catalogue_server: catalog-server identity_server: # -- The admin email to link to the admin service account. This account should only be used to set up admin-users admin_email: admin@example.com - # -- The publicly accessible server URL for the IDP - server_url: https://my.example-domain.net/kratos - # -- The admin server URL for the IDP. Only needs to be accessible from inside the cluster where the managementportal resides + # -- The publicly accessible server URL for the IDP; needed when deviating from http(s)://server_name/kratos + server_url: + # -- The admin server URL for the IDP used for service-to-service requests. Only needs to be accessible from inside the cluster where the managementportal resides server_admin_url: http://kratos-admin - # -- The login URL for the IDP. Needs to be publicly accessible - login_url: https://my.example-domain.net/kratos-ui + # -- The publicly accessible login URL for the IDP; needed when deviating from http(s)://server_name/kratos-ui + login_url: managementportal: # -- set to true, if automatic source-type import from catalogue server should be enabled From 2bc30f0b4cf0a61d10ba154278b3161b5bc5f8c4 Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Fri, 19 Jul 2024 13:14:39 +0200 Subject: [PATCH 2/7] Allow config of http URLs in rest-sources-backend --- charts/radar-rest-sources-backend/Chart.yaml | 2 +- charts/radar-rest-sources-backend/README.md | 5 +++-- charts/radar-rest-sources-backend/templates/configmap.yaml | 3 ++- charts/radar-rest-sources-backend/templates/ingress.yaml | 2 +- charts/radar-rest-sources-backend/values.yaml | 5 ++++- 5 files changed, 11 insertions(+), 6 deletions(-) diff --git a/charts/radar-rest-sources-backend/Chart.yaml b/charts/radar-rest-sources-backend/Chart.yaml index c48c39ae..b3a91058 100644 --- a/charts/radar-rest-sources-backend/Chart.yaml +++ b/charts/radar-rest-sources-backend/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "4.4.2" description: A Helm chart for the backend application of RADAR-base Rest Sources Authorizer name: radar-rest-sources-backend -version: 1.1.3 +version: 1.1.4 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-rest-sources-backend diff --git a/charts/radar-rest-sources-backend/README.md b/charts/radar-rest-sources-backend/README.md index ce6cf5d6..9f6fa238 100644 --- a/charts/radar-rest-sources-backend/README.md +++ b/charts/radar-rest-sources-backend/README.md @@ -3,7 +3,7 @@ # radar-rest-sources-backend [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-rest-sources-backend)](https://artifacthub.io/packages/helm/radar-base/radar-rest-sources-backend) -![Version: 1.1.3](https://img.shields.io/badge/Version-1.1.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.4.2](https://img.shields.io/badge/AppVersion-4.4.2-informational?style=flat-square) +![Version: 1.1.4](https://img.shields.io/badge/Version-1.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.4.2](https://img.shields.io/badge/AppVersion-4.4.2-informational?style=flat-square) A Helm chart for the backend application of RADAR-base Rest Sources Authorizer @@ -42,11 +42,12 @@ A Helm chart for the backend application of RADAR-base Rest Sources Authorizer | securityContext | object | `{}` | Configure radar-rest-sources-backend containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8080` | radar-rest-sources-backend port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer and session configuration | | ingress.path | string | `"/rest-sources/backend"` | Path within the url structure | | ingress.pathType | string | `"ImplementationSpecific"` | Ingress Path type | -| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | +| ingress.ingressClassName | string | `"nginx"` | IngressClass that will be used to implement the Ingress (Kubernetes 1.18+) | | ingress.hosts | list | `["localhost"]` | Hosts to accept requests from | | ingress.tls.secretName | string | `"radar-base-tls-radar-rest-sources-backend"` | TLS Secret Name | | resources.requests | object | `{"cpu":"100m","memory":"400Mi"}` | CPU/Memory resource requests | diff --git a/charts/radar-rest-sources-backend/templates/configmap.yaml b/charts/radar-rest-sources-backend/templates/configmap.yaml index 5c54a2dc..7331ce18 100644 --- a/charts/radar-rest-sources-backend/templates/configmap.yaml +++ b/charts/radar-rest-sources-backend/templates/configmap.yaml @@ -1,4 +1,5 @@ {{- $restSourceClients := trim (include "radar-rest-sources-backend.enabledMapElementsAsList" .Values.restSourceClients) -}} +{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }} apiVersion: v1 kind: ConfigMap metadata: @@ -10,7 +11,7 @@ data: service: # Interval time in minutes for syncing projects and subjects. baseUri: http://0.0.0.0:8080/rest-sources/backend/ - advertisedBaseUri: https://{{ .Values.serverName }}/rest-sources/backend/ + advertisedBaseUri: {{ printf "%s://%s/rest-sources/backend/" $https .Values.server_name }} enableCors: true syncParticipantsIntervalMin: 2 {{- if .Values.authorizer -}} diff --git a/charts/radar-rest-sources-backend/templates/ingress.yaml b/charts/radar-rest-sources-backend/templates/ingress.yaml index a33d63b0..ea8d87bf 100644 --- a/charts/radar-rest-sources-backend/templates/ingress.yaml +++ b/charts/radar-rest-sources-backend/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-rest-sources-backend/values.yaml b/charts/radar-rest-sources-backend/values.yaml index fdd18f45..f003ae76 100644 --- a/charts/radar-rest-sources-backend/values.yaml +++ b/charts/radar-rest-sources-backend/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-rest-sources-backend port port: 8080 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true @@ -58,7 +61,7 @@ ingress: path: /rest-sources/backend # -- Ingress Path type pathType: ImplementationSpecific - # -- IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) + # -- IngressClass that will be used to implement the Ingress (Kubernetes 1.18+) ingressClassName: nginx # -- Hosts to accept requests from hosts: From 32d694b569069a028e7f5ea21af4f235d239b2ef Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Fri, 19 Jul 2024 13:31:50 +0200 Subject: [PATCH 3/7] Allow config of http URLs in rest-sources-authorizer --- charts/radar-rest-sources-authorizer/Chart.yaml | 2 +- charts/radar-rest-sources-authorizer/README.md | 4 ++-- .../templates/deployment.yaml | 7 ++++--- .../radar-rest-sources-authorizer/templates/ingress.yaml | 2 +- charts/radar-rest-sources-authorizer/values.yaml | 5 +++-- 5 files changed, 11 insertions(+), 9 deletions(-) diff --git a/charts/radar-rest-sources-authorizer/Chart.yaml b/charts/radar-rest-sources-authorizer/Chart.yaml index 71faa5b1..4f8ee145 100644 --- a/charts/radar-rest-sources-authorizer/Chart.yaml +++ b/charts/radar-rest-sources-authorizer/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "4.4.2" description: A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer which is a portal to authorize the Fitbit connector to read data from Fitbit accounts. name: radar-rest-sources-authorizer -version: 1.1.4 +version: 2.0.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-rest-sources-authorizer diff --git a/charts/radar-rest-sources-authorizer/README.md b/charts/radar-rest-sources-authorizer/README.md index 0763d409..1d1cf4ca 100644 --- a/charts/radar-rest-sources-authorizer/README.md +++ b/charts/radar-rest-sources-authorizer/README.md @@ -3,7 +3,7 @@ # radar-rest-sources-authorizer [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-rest-sources-authorizer)](https://artifacthub.io/packages/helm/radar-base/radar-rest-sources-authorizer) -![Version: 1.1.4](https://img.shields.io/badge/Version-1.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.4.2](https://img.shields.io/badge/AppVersion-4.4.2-informational?style=flat-square) +![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 4.4.2](https://img.shields.io/badge/AppVersion-4.4.2-informational?style=flat-square) A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer which is a portal to authorize the Fitbit connector to read data from Fitbit accounts. @@ -42,6 +42,7 @@ A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer | securityContext | object | `{}` | Configure radar-rest-sources-authorizer containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8080` | radar-rest-sources-authorizer port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | | ingress.path | string | `"/rest-sources/authorizer"` | Path within the url structure | @@ -71,4 +72,3 @@ A Helm chart for the front-end application of RADAR-base Rest Sources Authorizer | networkpolicy | object | check `values.yaml` | Network policy defines who can access this application and who this applications has access to | | clientId | string | `"radar_rest_sources_authorizer"` | OAuth2 client id of the application registered in Management Portal. It is assumed that this is a public client with empty client secret. | | serverName | string | `"localhost"` | Domain name of the server | -| authUrl | string | `"localhost/managementportal/oauth"` | Authorization URL of the IDP | diff --git a/charts/radar-rest-sources-authorizer/templates/deployment.yaml b/charts/radar-rest-sources-authorizer/templates/deployment.yaml index a11af988..9b7026fb 100644 --- a/charts/radar-rest-sources-authorizer/templates/deployment.yaml +++ b/charts/radar-rest-sources-authorizer/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }} apiVersion: apps/v1 kind: Deployment metadata: @@ -48,7 +49,7 @@ spec: - name: BASE_HREF value: /rest-sources/authorizer/ - name: BACKEND_BASE_URL - value: https://{{ .Values.serverName }}/rest-sources/backend + value: {{ printf "%s://%s/rest-sources/backend/" $https .Values.serverName }} - name: VALIDATE value: "true" - name: AUTH_GRANT_TYPE @@ -58,9 +59,9 @@ spec: - name: AUTH_CLIENT_SECRET value: "" - name: AUTH_CALLBACK_URL - value: https://{{ .Values.serverName }}/rest-sources/authorizer/login + value: {{ printf "%s://%s/rest-sources/authorizer/login" $https .Values.serverName }} - name: AUTH_URI - value: https://{{ .Values.authUrl }} + value: {{ printf "%s://%s/managementportal/oauth" $https .Values.serverName }} {{- with .Values.extraEnvVars }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/radar-rest-sources-authorizer/templates/ingress.yaml b/charts/radar-rest-sources-authorizer/templates/ingress.yaml index 357e133b..9e6cb748 100644 --- a/charts/radar-rest-sources-authorizer/templates/ingress.yaml +++ b/charts/radar-rest-sources-authorizer/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-rest-sources-authorizer/values.yaml b/charts/radar-rest-sources-authorizer/values.yaml index bf9a99f5..93b8c193 100644 --- a/charts/radar-rest-sources-authorizer/values.yaml +++ b/charts/radar-rest-sources-authorizer/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-rest-sources-authorizer port port: 8080 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true @@ -155,5 +158,3 @@ networkpolicy: clientId: radar_rest_sources_authorizer # -- Domain name of the server serverName: localhost -# -- Authorization URL of the IDP -authUrl: localhost/managementportal/oauth From 8f64f5b5688a2985e4af5dd849df7042a5217cab Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Fri, 19 Jul 2024 13:38:17 +0200 Subject: [PATCH 4/7] Allow config of http URLs in upload-connect-backend --- charts/radar-upload-connect-backend/Chart.yaml | 2 +- charts/radar-upload-connect-backend/README.md | 3 ++- charts/radar-upload-connect-backend/templates/configmap.yaml | 3 ++- charts/radar-upload-connect-backend/templates/ingress.yaml | 2 +- charts/radar-upload-connect-backend/values.yaml | 3 +++ 5 files changed, 9 insertions(+), 4 deletions(-) diff --git a/charts/radar-upload-connect-backend/Chart.yaml b/charts/radar-upload-connect-backend/Chart.yaml index 63c757b9..c63f7127 100644 --- a/charts/radar-upload-connect-backend/Chart.yaml +++ b/charts/radar-upload-connect-backend/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "0.5.10" description: A Helm chart for RADAR-base upload connector backend application. This application is an upload system that stores uploaded data and its metadata in PostgreSQL for later processing. name: radar-upload-connect-backend -version: 0.3.2 +version: 0.4.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-upload-connect-backend diff --git a/charts/radar-upload-connect-backend/README.md b/charts/radar-upload-connect-backend/README.md index 5793be8d..1c93e2aa 100644 --- a/charts/radar-upload-connect-backend/README.md +++ b/charts/radar-upload-connect-backend/README.md @@ -3,7 +3,7 @@ # radar-upload-connect-backend [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-upload-connect-backend)](https://artifacthub.io/packages/helm/radar-base/radar-upload-connect-backend) -![Version: 0.3.2](https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.10](https://img.shields.io/badge/AppVersion-0.5.10-informational?style=flat-square) +![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.10](https://img.shields.io/badge/AppVersion-0.5.10-informational?style=flat-square) A Helm chart for RADAR-base upload connector backend application. This application is an upload system that stores uploaded data and its metadata in PostgreSQL for later processing. @@ -42,6 +42,7 @@ A Helm chart for RADAR-base upload connector backend application. This applicati | securityContext | object | `{}` | Configure radar-upload-connect-backend containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8085` | radar-upload-connect-backend port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer and proxy settings | | ingress.path | string | `"/upload/api/?(.*)"` | Path within the url structure | diff --git a/charts/radar-upload-connect-backend/templates/configmap.yaml b/charts/radar-upload-connect-backend/templates/configmap.yaml index b4bbf18e..809abc3f 100644 --- a/charts/radar-upload-connect-backend/templates/configmap.yaml +++ b/charts/radar-upload-connect-backend/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }} apiVersion: v1 kind: ConfigMap metadata: @@ -7,7 +8,7 @@ metadata: data: upload.yml: | baseUri: "http://0.0.0.0:8085/upload/api/" - advertisedBaseUri: https://{{ .Values.serverName }}/upload/api/ + advertisedBaseUri: {{ printf "%s://%s/upload/api" $https .Values.serverName }} enableCors: yes clientId: {{ .Values.client_id }} clientSecret: {{ .Values.client_secret }} diff --git a/charts/radar-upload-connect-backend/templates/ingress.yaml b/charts/radar-upload-connect-backend/templates/ingress.yaml index ebe91649..c176d8bd 100644 --- a/charts/radar-upload-connect-backend/templates/ingress.yaml +++ b/charts/radar-upload-connect-backend/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-upload-connect-backend/values.yaml b/charts/radar-upload-connect-backend/values.yaml index 5d7001d8..ecea1109 100644 --- a/charts/radar-upload-connect-backend/values.yaml +++ b/charts/radar-upload-connect-backend/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-upload-connect-backend port port: 8085 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true From 8a920da9528cdbd80f30d04c3d15b8ddcf3a24da Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Fri, 19 Jul 2024 13:52:52 +0200 Subject: [PATCH 5/7] Allow config of http URLs in upload-connect-frontend --- charts/radar-upload-connect-frontend/Chart.yaml | 2 +- charts/radar-upload-connect-frontend/README.md | 3 ++- .../radar-upload-connect-frontend/templates/deployment.yaml | 5 +++-- charts/radar-upload-connect-frontend/templates/ingress.yaml | 2 +- charts/radar-upload-connect-frontend/values.yaml | 5 ++++- 5 files changed, 11 insertions(+), 6 deletions(-) diff --git a/charts/radar-upload-connect-frontend/Chart.yaml b/charts/radar-upload-connect-frontend/Chart.yaml index 8e832a5a..0b683497 100644 --- a/charts/radar-upload-connect-frontend/Chart.yaml +++ b/charts/radar-upload-connect-frontend/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "0.5.10" description: A Helm chart for RADAR-base upload connector frontend application that provides a UI for uploading files and sending them to the upload-backend. name: radar-upload-connect-frontend -version: 0.3.1 +version: 0.4.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-upload-connect-frontend diff --git a/charts/radar-upload-connect-frontend/README.md b/charts/radar-upload-connect-frontend/README.md index ecffca8e..431054ff 100644 --- a/charts/radar-upload-connect-frontend/README.md +++ b/charts/radar-upload-connect-frontend/README.md @@ -3,7 +3,7 @@ # radar-upload-connect-frontend [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-upload-connect-frontend)](https://artifacthub.io/packages/helm/radar-base/radar-upload-connect-frontend) -![Version: 0.3.1](https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.10](https://img.shields.io/badge/AppVersion-0.5.10-informational?style=flat-square) +![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.10](https://img.shields.io/badge/AppVersion-0.5.10-informational?style=flat-square) A Helm chart for RADAR-base upload connector frontend application that provides a UI for uploading files and sending them to the upload-backend. @@ -42,6 +42,7 @@ A Helm chart for RADAR-base upload connector frontend application that provides | securityContext | object | `{}` | Configure radar-upload-connect-frontend containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `80` | radar-upload-connect-frontend port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | | ingress.path | string | `"/upload/?(.*)"` | Path within the url structure | diff --git a/charts/radar-upload-connect-frontend/templates/deployment.yaml b/charts/radar-upload-connect-frontend/templates/deployment.yaml index f936b091..b91d6db7 100644 --- a/charts/radar-upload-connect-frontend/templates/deployment.yaml +++ b/charts/radar-upload-connect-frontend/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }} apiVersion: apps/v1 kind: Deployment metadata: @@ -48,9 +49,9 @@ spec: - name: VUE_APP_BASE_URL value: "/upload" - name: VUE_APP_API_BASE_URL - value: "https://{{ .Values.server_name }}/upload/api/" + value: {{ printf "%s://%s/upload/api" .Values.server_name}} - name: VUE_APP_AUTH_API - value: "https://{{ .Values.server_name }}/managementportal/oauth" + value: {{ printf "%s://%s/managementportal/oauth" .Values.server_name }} - name: VUE_APP_AUTH_CALLBACK value: "{{ .Values.server_name }}/upload/login" - name: VUE_APP_CLIENT_ID diff --git a/charts/radar-upload-connect-frontend/templates/ingress.yaml b/charts/radar-upload-connect-frontend/templates/ingress.yaml index d9a04aee..ad60ab38 100644 --- a/charts/radar-upload-connect-frontend/templates/ingress.yaml +++ b/charts/radar-upload-connect-frontend/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-upload-connect-frontend/values.yaml b/charts/radar-upload-connect-frontend/values.yaml index 8e24bc91..35d42d2d 100644 --- a/charts/radar-upload-connect-frontend/values.yaml +++ b/charts/radar-upload-connect-frontend/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-upload-connect-frontend port port: 80 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true @@ -155,4 +158,4 @@ networkpolicy: # -- Server name or domain name server_name: localhost # -- OAuth2 client id of the upload connect frontend application -vue_app_client_id: radar_upload_frontend +vue_app_client_id: radar_upload_frontend \ No newline at end of file From 8eef83f88f39747d1bffd1708fa15cf2a0479cb5 Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Tue, 23 Jul 2024 08:01:28 +0200 Subject: [PATCH 6/7] Allow config of http URLs in app-config-frontend --- charts/app-config-frontend/Chart.yaml | 2 +- charts/app-config-frontend/README.md | 6 ++---- charts/app-config-frontend/templates/deployment.yaml | 9 +++++---- charts/app-config-frontend/templates/ingress.yaml | 2 +- charts/app-config-frontend/values.yaml | 8 ++------ 5 files changed, 11 insertions(+), 16 deletions(-) diff --git a/charts/app-config-frontend/Chart.yaml b/charts/app-config-frontend/Chart.yaml index c6c8bc96..14a91186 100644 --- a/charts/app-config-frontend/Chart.yaml +++ b/charts/app-config-frontend/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.1.1 +version: 2.0.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/app-config-frontend/README.md b/charts/app-config-frontend/README.md index 0f449cf2..2fa17d30 100644 --- a/charts/app-config-frontend/README.md +++ b/charts/app-config-frontend/README.md @@ -3,7 +3,7 @@ # app-config-frontend [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/app-config-frontend)](https://artifacthub.io/packages/helm/radar-base/app-config-frontend) -![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0](https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square) +![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0](https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square) A Helm chart for the frontend application of RADAR-base application config (app-config). @@ -71,6 +71,4 @@ A Helm chart for the frontend application of RADAR-base application config (app- | readinessProbe.successThreshold | int | `1` | Success threshold for readinessProbe | | readinessProbe.failureThreshold | int | `3` | Failure threshold for readinessProbe | | networkpolicy | object | check `values.yaml` | Network policy defines who can access this application and who this applications has access to | -| authUrl | string | `"http://localhost/managementportal/oauth"` | Authorization URL of the IDP | -| authCallbackUrl | string | `"http://localhost/appconfig/login"` | Callback URL to where authorization-code should be returned | -| backendUrl | string | `"/appconfig/api"` | Base-URL of the App Config backend service | +| serverName | string | `"localhost"` | Resolvable server name, needed to find the advertised URL and callback URL | diff --git a/charts/app-config-frontend/templates/deployment.yaml b/charts/app-config-frontend/templates/deployment.yaml index 940bc6c5..0f6d2f57 100644 --- a/charts/app-config-frontend/templates/deployment.yaml +++ b/charts/app-config-frontend/templates/deployment.yaml @@ -1,3 +1,4 @@ +{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }} apiVersion: apps/v1 kind: Deployment metadata: @@ -49,12 +50,12 @@ spec: env: - name: BASE_HREF value: /appconfig/ + - name: APP_CONFIG_URL + value: /appconfig/api - name: AUTH_URL - value: {{ .Values.authUrl }} + value: {{ printf "%s://%s/managementportal/oauth" $https .Values.serverName }} - name: AUTH_CALLBACK_URL - value: {{ .Values.authCallbackUrl }} - - name: APP_CONFIG_URL - value: {{ .Values.backendUrl }} + value: {{ printf "%s://%s/appconfig/login" $https .Values.serverName }} {{- with .Values.extraEnvVars }} {{- toYaml . | nindent 10 }} {{- end }} diff --git a/charts/app-config-frontend/templates/ingress.yaml b/charts/app-config-frontend/templates/ingress.yaml index 1bb02078..ecf64228 100644 --- a/charts/app-config-frontend/templates/ingress.yaml +++ b/charts/app-config-frontend/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/app-config-frontend/values.yaml b/charts/app-config-frontend/values.yaml index b58a0023..4ffef5c9 100644 --- a/charts/app-config-frontend/values.yaml +++ b/charts/app-config-frontend/values.yaml @@ -155,9 +155,5 @@ networkpolicy: - port: 53 protocol: TCP -# -- Authorization URL of the IDP -authUrl: http://localhost/managementportal/oauth -# -- Callback URL to where authorization-code should be returned -authCallbackUrl: http://localhost/appconfig/login -# -- Base-URL of the App Config backend service -backendUrl: /appconfig/api +# -- Resolvable server name, needed to find the advertised URL and callback URL +serverName: localhost From 290d19451011b2882778c037958bb4edf370887b Mon Sep 17 00:00:00 2001 From: Pim van Nierop Date: Wed, 24 Jul 2024 07:53:07 +0200 Subject: [PATCH 7/7] Disable TLS on ingress for various radar services --- charts/app-config/Chart.yaml | 2 +- charts/app-config/README.md | 3 +- charts/app-config/templates/ingress.yaml | 2 +- charts/app-config/values.yaml | 3 + charts/cc-schema-registry-proxy/Chart.yaml | 2 +- charts/cc-schema-registry-proxy/README.md | 3 +- .../templates/ingress.yaml | 2 +- charts/cc-schema-registry-proxy/values.yaml | 3 + charts/data-dashboard-backend/Chart.yaml | 2 +- charts/data-dashboard-backend/README.md | 3 +- .../templates/ingress.yaml | 2 +- charts/data-dashboard-backend/values.yaml | 3 + charts/kafka-manager/Chart.yaml | 2 +- charts/kafka-manager/README.md | 141 ++++++++---------- charts/kafka-manager/templates/ingress.yaml | 2 +- charts/kafka-manager/values.yaml | 3 + charts/radar-appserver/Chart.yaml | 2 +- charts/radar-appserver/README.md | 3 +- .../radar-appserver/templates/configmap.yaml | 3 +- charts/radar-appserver/templates/ingress.yaml | 2 +- charts/radar-appserver/values.yaml | 3 + charts/radar-gateway/Chart.yaml | 2 +- charts/radar-gateway/README.md | 3 +- charts/radar-gateway/templates/ingress.yaml | 2 +- charts/radar-gateway/values.yaml | 3 + charts/radar-home/Chart.yaml | 2 +- charts/radar-home/README.md | 3 +- charts/radar-home/templates/ingress.yaml | 2 +- charts/radar-home/values.yaml | 3 + charts/radar-integration/Chart.yaml | 2 +- charts/radar-integration/README.md | 3 +- .../radar-integration/templates/ingress.yaml | 2 +- charts/radar-integration/values.yaml | 3 + charts/radar-push-endpoint/Chart.yaml | 2 +- charts/radar-push-endpoint/README.md | 3 +- .../templates/ingress.yaml | 2 +- charts/radar-push-endpoint/values.yaml | 3 + .../radar-upload-connect-frontend/values.yaml | 2 +- 38 files changed, 123 insertions(+), 110 deletions(-) diff --git a/charts/app-config/Chart.yaml b/charts/app-config/Chart.yaml index 22cb57c0..b11f6fc7 100644 --- a/charts/app-config/Chart.yaml +++ b/charts/app-config/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "0.5.0" description: A Helm chart for RADAR-base application config (app-config) backend service which is used as mobile app configuration engine with per-project and per-user configuration. name: app-config -version: 1.1.1 +version: 1.2.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/app-config diff --git a/charts/app-config/README.md b/charts/app-config/README.md index d3875aee..de4c19a6 100644 --- a/charts/app-config/README.md +++ b/charts/app-config/README.md @@ -3,7 +3,7 @@ # app-config [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/app-config)](https://artifacthub.io/packages/helm/radar-base/app-config) -![Version: 1.1.1](https://img.shields.io/badge/Version-1.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0](https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square) +![Version: 1.2.0](https://img.shields.io/badge/Version-1.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.5.0](https://img.shields.io/badge/AppVersion-0.5.0-informational?style=flat-square) A Helm chart for RADAR-base application config (app-config) backend service which is used as mobile app configuration engine with per-project and per-user configuration. @@ -45,6 +45,7 @@ A Helm chart for RADAR-base application config (app-config) backend service whic | securityContext | object | `{}` | Configure Appconfig containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8090` | Appconfig port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | | ingress.path | string | `"/appconfig/api"` | Path within the url structure | diff --git a/charts/app-config/templates/ingress.yaml b/charts/app-config/templates/ingress.yaml index 58f6fa73..9d9f17e8 100644 --- a/charts/app-config/templates/ingress.yaml +++ b/charts/app-config/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/app-config/values.yaml b/charts/app-config/values.yaml index d74ebca0..8421c1bf 100644 --- a/charts/app-config/values.yaml +++ b/charts/app-config/values.yaml @@ -50,6 +50,9 @@ service: # -- Appconfig port port: 8090 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/cc-schema-registry-proxy/Chart.yaml b/charts/cc-schema-registry-proxy/Chart.yaml index e51dee31..faed7369 100644 --- a/charts/cc-schema-registry-proxy/Chart.yaml +++ b/charts/cc-schema-registry-proxy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "1.0" description: A Helm chart for Confluent Cloud schema registry proxy. This proxy service is used when RADAR-base platform is used with Confluent Cloud based schema registry. It forwards requests to schema registry with an additonal basic authentication header with Confluent Cloud schema registry credentials. This service will be enabled if `cc.enabled = true`. name: cc-schema-registry-proxy -version: 0.2.4 +version: 0.3.0 type: application home: "https://radar-base.org" icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" diff --git a/charts/cc-schema-registry-proxy/README.md b/charts/cc-schema-registry-proxy/README.md index 2c934a28..34f50047 100644 --- a/charts/cc-schema-registry-proxy/README.md +++ b/charts/cc-schema-registry-proxy/README.md @@ -3,7 +3,7 @@ # cc-schema-registry-proxy [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/cc-schema-registry-proxy)](https://artifacthub.io/packages/helm/radar-base/cc-schema-registry-proxy) -![Version: 0.2.4](https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0](https://img.shields.io/badge/AppVersion-1.0-informational?style=flat-square) +![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0](https://img.shields.io/badge/AppVersion-1.0-informational?style=flat-square) A Helm chart for Confluent Cloud schema registry proxy. This proxy service is used when RADAR-base platform is used with Confluent Cloud based schema registry. It forwards requests to schema registry with an additonal basic authentication header with Confluent Cloud schema registry credentials. This service will be enabled if `cc.enabled = true`. @@ -34,6 +34,7 @@ A Helm chart for Confluent Cloud schema registry proxy. This proxy service is us | service.type | string | `"ExternalName"` | Kubernetes Service type, | | service.externalName | string | `"schema-registry-domain"` | Domain name used for pointing to actual schema registry instance | | service.port | int | `443` | Port number to connect to Confluent platform | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | | ingress.path | string | `"/schema/?(.*)"` | Path within the url structure | diff --git a/charts/cc-schema-registry-proxy/templates/ingress.yaml b/charts/cc-schema-registry-proxy/templates/ingress.yaml index de74764b..a79065cd 100644 --- a/charts/cc-schema-registry-proxy/templates/ingress.yaml +++ b/charts/cc-schema-registry-proxy/templates/ingress.yaml @@ -27,7 +27,7 @@ metadata: nginx.ingress.kubernetes.io/upstream-vhost: {{ $externalName }} {{- end }} spec: -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/cc-schema-registry-proxy/values.yaml b/charts/cc-schema-registry-proxy/values.yaml index a94f5f50..a8d93202 100644 --- a/charts/cc-schema-registry-proxy/values.yaml +++ b/charts/cc-schema-registry-proxy/values.yaml @@ -9,6 +9,9 @@ service: # -- Port number to connect to Confluent platform port: 443 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/data-dashboard-backend/Chart.yaml b/charts/data-dashboard-backend/Chart.yaml index 7cd97882..526beae7 100644 --- a/charts/data-dashboard-backend/Chart.yaml +++ b/charts/data-dashboard-backend/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "0.1.7" name: data-dashboard-backend description: API for data in the data dashboard -version: 0.2.3 +version: 0.3.0 sources: ["https://github.com/thehyve/radar-data-dashboard-backend"] deprecated: false type: application diff --git a/charts/data-dashboard-backend/README.md b/charts/data-dashboard-backend/README.md index 21ce71d9..f2ba24ec 100644 --- a/charts/data-dashboard-backend/README.md +++ b/charts/data-dashboard-backend/README.md @@ -2,7 +2,7 @@ # data-dashboard-backend -![Version: 0.2.3](https://img.shields.io/badge/Version-0.2.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.7](https://img.shields.io/badge/AppVersion-0.1.7-informational?style=flat-square) +![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.7](https://img.shields.io/badge/AppVersion-0.1.7-informational?style=flat-square) API for data in the data dashboard @@ -41,6 +41,7 @@ API for data in the data dashboard | securityContext | object | `{}` | Configure container's Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `9000` | data-dashboard-backend port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.ingressClassName | string | `"nginx"` | Ingress class name | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | diff --git a/charts/data-dashboard-backend/templates/ingress.yaml b/charts/data-dashboard-backend/templates/ingress.yaml index 4916b9ee..54d6f6b5 100644 --- a/charts/data-dashboard-backend/templates/ingress.yaml +++ b/charts/data-dashboard-backend/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} - {{- if .Values.ingress.tls }} + {{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range .Values.ingress.hosts }} diff --git a/charts/data-dashboard-backend/values.yaml b/charts/data-dashboard-backend/values.yaml index 61c0743e..826e924b 100644 --- a/charts/data-dashboard-backend/values.yaml +++ b/charts/data-dashboard-backend/values.yaml @@ -40,6 +40,9 @@ service: # -- data-dashboard-backend port port: 9000 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/kafka-manager/Chart.yaml b/charts/kafka-manager/Chart.yaml index ef73bf7c..ed387edc 100644 --- a/charts/kafka-manager/Chart.yaml +++ b/charts/kafka-manager/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: kafka-manager -version: 2.1.6 +version: 2.2.0 appVersion: 1.3.3.18 kubeVersion: "^1.8.0-0" description: A tool for managing Apache Kafka. diff --git a/charts/kafka-manager/README.md b/charts/kafka-manager/README.md index fdf6e5ba..010b3093 100644 --- a/charts/kafka-manager/README.md +++ b/charts/kafka-manager/README.md @@ -1,84 +1,61 @@ -# Kafka Manager Helm Chart -[Kafka Manager](https://github.com/yahoo/kafka-manager) is a tool for managing [Apache Kafka](http://kafka.apache.org/). -## TL;DR; - -```bash -$ helm install stable/kafka-manager -``` - -## Prerequisites - -- Kubernetes 1.9+ with Beta APIs enabled - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```bash -$ helm install --name my-release stable/kafka-manager -``` - -The command deploys Kafka Manager on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Uninstalling the Chart - -To uninstall/delete the `my-release` deployment: - -```bash -$ helm delete my-release -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Configuration - -The following table lists the configurable parameters of the Kafka Manager chart and their default values. - -Parameter | Description | Default ---------- | ----------- | ------- -`serviceAccount.create` | If true, create a service account for kafka-manager | `true` -`serviceAccount.name` | Name of the service account to create or use | `{{ kafka-manager.fullname }}` -`image.repository` | Container image repository | `zenko/kafka-manager` -`image.tag` | Container image tag | `1.3.3.18` -`image.pullPolicy` | Container image pull policy | `IfNotPresent` -`zkHosts` | Zookeeper hosts required by the kafka-manager | `localhost:2181` -`clusters` | Configuration of the clusters to manage | `{}` -`applicationSecret` | Kafka-manager application secret | `""` -`basicAuth.enabled` | If ture, enable basic authentication | `false` -`basicAuth.username` | Username for basic auth | `admin` -`basicAuth.password` | Paswword for basic auth | `""` -`javaOptions` | Java runtime options | `""` -`service.type` | Kafka-manager service type | `ClusterIP` -`service.port` | Kafka-manager service port | `9000` -`service.annotations` | Optional service annotations | `{}` -`ingress.enabled` | If true, create an ingress resource | `false` -`ingress.annotations` | Optional ingress annotations | `{}` -`ingress.path` | Ingress path | `/` -`ingress.hosts` | Ingress hostnames | `kafka-manager.local` -`ingress.tls` | Ingress TLS configuration | `[]` -`resources` | Pod resource requests and limits | `{}` -`nodeSelector` | Node labels for pod assignment | `{}` -`tolerations` | Tolerations for pod assignment | `[]` -`affinity` | Affinity for pod assignment | `{}` -`zookeeper.enabled` | If true, deploy Zookeeper | `false` -`zookeeper.env` | Enviromental variables for Zookeeper | `ZK_HEAP_SIZE: "1G"` -`zookeeper.persistence` | If true, enable persistence for Zookeeper | `false` - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -```console -$ helm install stable/kafka-manager --name my-release \ - --set ingress.enabled=true -``` - -Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, - -```console -$ helm install stable/kafka-manager --name my-release -f values.yaml -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) +# kafka-manager + +![Version: 2.2.0](https://img.shields.io/badge/Version-2.2.0-informational?style=flat-square) ![AppVersion: 1.3.3.18](https://img.shields.io/badge/AppVersion-1.3.3.18-informational?style=flat-square) + +A tool for managing Apache Kafka. + +**Homepage:** + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| giacomoguiulfo | | | +| ssalaues | | | + +## Source Code + +* + +## Requirements + +Kubernetes: `^1.8.0-0` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| clusters | string | `nil` | | +| applicationSecret | string | `""` | | +| basicAuth.enabled | bool | `false` | | +| basicAuth.username | string | `"admin"` | | +| basicAuth.password | string | `""` | | +| javaOptions | string | `""` | | +| service.type | string | `"ClusterIP"` | | +| service.port | int | `9000` | | +| service.annotations | object | `{}` | | +| resources.requests.cpu | string | `"100m"` | | +| resources.requests.memory | string | `"400Mi"` | | +| nodeSelector | object | `{}` | | +| tolerations | list | `[]` | | +| affinity | object | `{}` | | +| zookeeper | object | `{"enabled":false,"env":{"ZK_HEAP_SIZE":"1G"},"persistence":{"enabled":false}}` | ---------------------------------------------------------------------------- | +| zkHosts | string | `"cp-zookeeper:2181"` | | +| image.repository | string | `"radarbase/kafka-manager"` | | +| image.tag | string | `"1.3.3.18"` | | +| image.pullPolicy | string | `"IfNotPresent"` | | +| imagePullSecrets | list | `[]` | Docker registry secret names as an array | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | +| ingress.enabled | bool | `true` | Enable ingress controller resource | +| ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | +| ingress.path | string | `"/kafkamanager/"` | Path within the url structure | +| ingress.pathType | string | `"ImplementationSpecific"` | | +| ingress.hosts | list | `["localhost"]` | Hosts to accept requests from | +| ingress.tls.secretName | string | `"radar-base-tls"` | TLS Secret Name | + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1) diff --git a/charts/kafka-manager/templates/ingress.yaml b/charts/kafka-manager/templates/ingress.yaml index d4170ae2..db1d8456 100644 --- a/charts/kafka-manager/templates/ingress.yaml +++ b/charts/kafka-manager/templates/ingress.yaml @@ -19,7 +19,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/kafka-manager/values.yaml b/charts/kafka-manager/values.yaml index 7baeb2ac..007eda8b 100644 --- a/charts/kafka-manager/values.yaml +++ b/charts/kafka-manager/values.yaml @@ -146,6 +146,9 @@ image: # -- Docker registry secret names as an array imagePullSecrets: [] +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/radar-appserver/Chart.yaml b/charts/radar-appserver/Chart.yaml index 9c4a2d75..e09f82a7 100644 --- a/charts/radar-appserver/Chart.yaml +++ b/charts/radar-appserver/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "2.4.1" description: A Helm chart for the backend application of RADAR-base Appserver name: radar-appserver -version: 0.3.0 +version: 0.4.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-appserver diff --git a/charts/radar-appserver/README.md b/charts/radar-appserver/README.md index b6f51b29..a7f5f527 100644 --- a/charts/radar-appserver/README.md +++ b/charts/radar-appserver/README.md @@ -3,7 +3,7 @@ # radar-appserver [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-appserver)](https://artifacthub.io/packages/helm/radar-base/radar-appserver) -![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.4.1](https://img.shields.io/badge/AppVersion-2.4.1-informational?style=flat-square) +![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.4.1](https://img.shields.io/badge/AppVersion-2.4.1-informational?style=flat-square) A Helm chart for the backend application of RADAR-base Appserver @@ -41,6 +41,7 @@ A Helm chart for the backend application of RADAR-base Appserver | securityContext | object | `{}` | Configure radar-appserver containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8080` | radar-appserver port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer and session configuration | | ingress.path | string | `"/appserver/?(.*)"` | Path within the url structure | diff --git a/charts/radar-appserver/templates/configmap.yaml b/charts/radar-appserver/templates/configmap.yaml index d6daa8ae..b62d7179 100644 --- a/charts/radar-appserver/templates/configmap.yaml +++ b/charts/radar-appserver/templates/configmap.yaml @@ -1,3 +1,4 @@ +{{ $https := ternary "http" "https" (or .Values.disable_tls (not .Values.ingress.tls)) }} apiVersion: v1 kind: ConfigMap metadata: @@ -16,7 +17,7 @@ data: # Set of supported public key endpoints for authentication publicKeyEndpoints: - - https://{{ .Values.serverName }}/managementportal/oauth/token_key + - {{ printf "%s://%s/managementportal/oauth/token_key" $https .Values.serverName | quote }} {{- range .Values.public_key_endpoints }} - {{ . | quote }} {{ end -}} diff --git a/charts/radar-appserver/templates/ingress.yaml b/charts/radar-appserver/templates/ingress.yaml index 7fe21753..5f509df3 100644 --- a/charts/radar-appserver/templates/ingress.yaml +++ b/charts/radar-appserver/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-appserver/values.yaml b/charts/radar-appserver/values.yaml index 38df5223..4aba6531 100644 --- a/charts/radar-appserver/values.yaml +++ b/charts/radar-appserver/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-appserver port port: 8080 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/radar-gateway/Chart.yaml b/charts/radar-gateway/Chart.yaml index c030e4a2..1af873ee 100644 --- a/charts/radar-gateway/Chart.yaml +++ b/charts/radar-gateway/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "0.7.2" description: A Helm chart for RADAR-base gateway. REST Gateway to Kafka, for incoming participant data. It performs authentication, authorization, content validation and decompression. For more details of the configurations, see https://github.com/RADAR-base/RADAR-Gateway/blob/master/gateway.yml. name: radar-gateway -version: 1.1.7 +version: 1.2.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-gateway diff --git a/charts/radar-gateway/README.md b/charts/radar-gateway/README.md index e8d26df2..093802cf 100644 --- a/charts/radar-gateway/README.md +++ b/charts/radar-gateway/README.md @@ -3,7 +3,7 @@ # radar-gateway [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-gateway)](https://artifacthub.io/packages/helm/radar-base/radar-gateway) -![Version: 1.1.7](https://img.shields.io/badge/Version-1.1.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.7.2](https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-square) +![Version: 1.2.0](https://img.shields.io/badge/Version-1.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.7.2](https://img.shields.io/badge/AppVersion-0.7.2-informational?style=flat-square) A Helm chart for RADAR-base gateway. REST Gateway to Kafka, for incoming participant data. It performs authentication, authorization, content validation and decompression. For more details of the configurations, see https://github.com/RADAR-base/RADAR-Gateway/blob/master/gateway.yml. @@ -41,6 +41,7 @@ A Helm chart for RADAR-base gateway. REST Gateway to Kafka, for incoming partici | securityContext | object | `{}` | Configure radar-gateway containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8080` | radar-gateway port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer and deny access to sensitive URLs | | ingress.path | string | `"/kafka/?(.*)"` | Path within the url structure | diff --git a/charts/radar-gateway/templates/ingress.yaml b/charts/radar-gateway/templates/ingress.yaml index 16ebcfc5..973e8d71 100644 --- a/charts/radar-gateway/templates/ingress.yaml +++ b/charts/radar-gateway/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-gateway/values.yaml b/charts/radar-gateway/values.yaml index 8a1ec4f2..92362c74 100644 --- a/charts/radar-gateway/values.yaml +++ b/charts/radar-gateway/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-gateway port port: 8080 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/radar-home/Chart.yaml b/charts/radar-home/Chart.yaml index f7520c73..3a87feaf 100644 --- a/charts/radar-home/Chart.yaml +++ b/charts/radar-home/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "0.1.3" description: RADAR-base home page. name: radar-home -version: 0.2.2 +version: 0.3.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-home diff --git a/charts/radar-home/README.md b/charts/radar-home/README.md index 70bf045d..eaaa7037 100644 --- a/charts/radar-home/README.md +++ b/charts/radar-home/README.md @@ -3,7 +3,7 @@ # radar-home [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-home)](https://artifacthub.io/packages/helm/radar-base/radar-home) -![Version: 0.2.2](https://img.shields.io/badge/Version-0.2.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.3](https://img.shields.io/badge/AppVersion-0.1.3-informational?style=flat-square) +![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.3](https://img.shields.io/badge/AppVersion-0.1.3-informational?style=flat-square) RADAR-base home page. @@ -40,6 +40,7 @@ RADAR-base home page. | namespace | string | `"default"` | Kubernetes namespace that Appconfig is going to be deployed on | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8080` | Port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer | | ingress.path | string | `"/"` | Path within the url structure | diff --git a/charts/radar-home/templates/ingress.yaml b/charts/radar-home/templates/ingress.yaml index ebe6277c..94c7c5cf 100644 --- a/charts/radar-home/templates/ingress.yaml +++ b/charts/radar-home/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-home/values.yaml b/charts/radar-home/values.yaml index fc50aa38..d5ef8f95 100644 --- a/charts/radar-home/values.yaml +++ b/charts/radar-home/values.yaml @@ -30,6 +30,9 @@ service: # -- Port port: 8080 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/radar-integration/Chart.yaml b/charts/radar-integration/Chart.yaml index b6134633..b33fe661 100644 --- a/charts/radar-integration/Chart.yaml +++ b/charts/radar-integration/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "1.0.4" description: A Helm chart for RADAR-Base REDCap survey integration application. name: radar-integration -version: 0.5.3 +version: 0.6.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-integration diff --git a/charts/radar-integration/README.md b/charts/radar-integration/README.md index 61fe225c..b1c4efcd 100644 --- a/charts/radar-integration/README.md +++ b/charts/radar-integration/README.md @@ -3,7 +3,7 @@ # radar-integration [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-integration)](https://artifacthub.io/packages/helm/radar-base/radar-integration) -![Version: 0.5.3](https://img.shields.io/badge/Version-0.5.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.4](https://img.shields.io/badge/AppVersion-1.0.4-informational?style=flat-square) +![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.4](https://img.shields.io/badge/AppVersion-1.0.4-informational?style=flat-square) A Helm chart for RADAR-Base REDCap survey integration application. @@ -41,6 +41,7 @@ A Helm chart for RADAR-Base REDCap survey integration application. | securityContext | object | `{}` | Configure radar-integration containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8080` | radar-integration port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer and deny access to sensitive URLs | | ingress.path | string | `"/redcapint/?(.*)"` | Path within the url structure | diff --git a/charts/radar-integration/templates/ingress.yaml b/charts/radar-integration/templates/ingress.yaml index 49850850..55242a1d 100644 --- a/charts/radar-integration/templates/ingress.yaml +++ b/charts/radar-integration/templates/ingress.yaml @@ -20,7 +20,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-integration/values.yaml b/charts/radar-integration/values.yaml index 9cbc60c1..fe21e687 100644 --- a/charts/radar-integration/values.yaml +++ b/charts/radar-integration/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-integration port port: 8080 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/radar-push-endpoint/Chart.yaml b/charts/radar-push-endpoint/Chart.yaml index 10785f21..da95925a 100644 --- a/charts/radar-push-endpoint/Chart.yaml +++ b/charts/radar-push-endpoint/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: "0.2.2" description: A Helm chart for RADAR-base Push Endpoint. REST Gateway to Kafka, for incoming data from Push or Subscription based WEB APIs. It performs authentication, authorization and content validation. For more details of the configurations, see https://github.com/RADAR-base/RADAR-PushEndpoint. name: radar-push-endpoint -version: 0.2.4 +version: 0.3.0 icon: "http://radar-base.org/wp-content/uploads/2022/09/Logo_RADAR-Base-RGB.png" sources: - https://github.com/RADAR-base/radar-helm-charts/tree/main/charts/radar-push-endpoint diff --git a/charts/radar-push-endpoint/README.md b/charts/radar-push-endpoint/README.md index 93a17e27..8f8a5942 100644 --- a/charts/radar-push-endpoint/README.md +++ b/charts/radar-push-endpoint/README.md @@ -3,7 +3,7 @@ # radar-push-endpoint [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/radar-push-endpoint)](https://artifacthub.io/packages/helm/radar-base/radar-push-endpoint) -![Version: 0.2.4](https://img.shields.io/badge/Version-0.2.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.2](https://img.shields.io/badge/AppVersion-0.2.2-informational?style=flat-square) +![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.2](https://img.shields.io/badge/AppVersion-0.2.2-informational?style=flat-square) A Helm chart for RADAR-base Push Endpoint. REST Gateway to Kafka, for incoming data from Push or Subscription based WEB APIs. It performs authentication, authorization and content validation. For more details of the configurations, see https://github.com/RADAR-base/RADAR-PushEndpoint. @@ -41,6 +41,7 @@ A Helm chart for RADAR-base Push Endpoint. REST Gateway to Kafka, for incoming d | securityContext | object | `{}` | Configure radar-push-endpoint containers' Security Context | | service.type | string | `"ClusterIP"` | Kubernetes Service type | | service.port | int | `8090` | radar-push-endpoint port | +| disable_tls | bool | `false` | Disable TLS (reconfigures Ingress and sets URLs to use HTTP) | | ingress.enabled | bool | `true` | Enable ingress controller resource | | ingress.annotations | object | check values.yaml | Annotations that define default ingress class, certificate issuer and deny access to sensitive URLs | | ingress.path | string | `"/push-endpoint/?(.*)"` | Path within the url structure | diff --git a/charts/radar-push-endpoint/templates/ingress.yaml b/charts/radar-push-endpoint/templates/ingress.yaml index 491ca7f1..ce226830 100644 --- a/charts/radar-push-endpoint/templates/ingress.yaml +++ b/charts/radar-push-endpoint/templates/ingress.yaml @@ -14,7 +14,7 @@ metadata: {{- end }} spec: ingressClassName: {{ .Values.ingress.ingressClassName | quote }} -{{- if .Values.ingress.tls }} +{{- if and .Values.ingress.tls (not .Values.disable_tls) }} tls: - hosts: {{- range $hosts }} diff --git a/charts/radar-push-endpoint/values.yaml b/charts/radar-push-endpoint/values.yaml index a52d93d4..2116ef8c 100644 --- a/charts/radar-push-endpoint/values.yaml +++ b/charts/radar-push-endpoint/values.yaml @@ -41,6 +41,9 @@ service: # -- radar-push-endpoint port port: 8090 +# -- Disable TLS (reconfigures Ingress and sets URLs to use HTTP) +disable_tls: false + ingress: # -- Enable ingress controller resource enabled: true diff --git a/charts/radar-upload-connect-frontend/values.yaml b/charts/radar-upload-connect-frontend/values.yaml index 35d42d2d..aaf6ade5 100644 --- a/charts/radar-upload-connect-frontend/values.yaml +++ b/charts/radar-upload-connect-frontend/values.yaml @@ -158,4 +158,4 @@ networkpolicy: # -- Server name or domain name server_name: localhost # -- OAuth2 client id of the upload connect frontend application -vue_app_client_id: radar_upload_frontend \ No newline at end of file +vue_app_client_id: radar_upload_frontend