Merge pull request #53 from Telecominfraproject/feature/thirdparties-fixes

fixing docker secret and fixing kafka topics

README.md

@@ -61,7 +61,7 @@ More details can be found here: https://telecominfraproject.atlassian.net/wiki/s
 # Deleting the wlan-cloud deployment:
 Run the following command:
 ```
-helm del tip-wlan -n default
+helm del tip-wlan -n tip (replace the namespace with your namespace)
 ```
 	(Note: this would not delete the tip namespace and any PVC/PV/Endpoints under this namespace. These are needed so we can reuse the same PVC mount when the pods are restarted.)
 	

tip-wlan/charts/opensync-gw-cloud/templates/deployment.yaml

@@ -67,9 +67,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           {{- if .Values.probes.enabled }}

tip-wlan/charts/opensync-gw-static/templates/deployment.yaml

@@ -25,9 +25,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           {{- if .Values.probes.enabled }}

tip-wlan/charts/wlan-cloud-graphql-gw/templates/deployment.yaml

@@ -25,9 +25,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.global.pullPolicy }}
           env:

tip-wlan/charts/wlan-cloud-static-portal/templates/deployment.yaml

@@ -25,9 +25,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
           env:

tip-wlan/charts/wlan-integrated-cloud-component-service/templates/deployment.yaml

@@ -82,9 +82,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           env:

tip-wlan/charts/wlan-port-forwarding-gateway-service/templates/deployment.yaml

@@ -53,9 +53,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           env:

tip-wlan/charts/wlan-portal-service/templates/statefulset.yaml

@@ -49,9 +49,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           env:

tip-wlan/charts/wlan-prov-service/templates/deployment.yaml

@@ -119,9 +119,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           env:

tip-wlan/charts/wlan-spc-service/templates/deployment.yaml

@@ -33,9 +33,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           env:

tip-wlan/charts/wlan-ssc-service/templates/deployment.yaml

@@ -113,9 +113,9 @@ spec:
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           {{- if .Values.global.testingEnabled }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}-{{.Values.global.testingTimestamp}}
           {{- else }}
-          image: {{ .Values.global.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.global.repository.registry  }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
           {{- end }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }} 
           env:

tip-wlan/resources/environments/dev-amazon-tip.yaml

@@ -3,7 +3,6 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment:
   testingEnabled:
@@ -115,121 +114,19 @@ nginx-ingress-controller:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: gp2
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: gp2
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     storageClass: gp2
-  volumePermissions:
+
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/dev-docker-on-windows.yaml

@@ -3,23 +3,9 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment: false
   testingEnabled:
-  kafka:
-    image: confluentinc/cp-kafka:5.0.1
-    port: 9092
-    topics:
-    - name: wlan_service_metrics
-      partitions: 1
-      replicationFactor: 1
-    - name: system_events
-      partitions: 1
-      replicationFactor: 1
-    - name: customer_events
-      partitions: 1
-      replicationFactor: 1
   creds:
     sslKeyPassword: mypassword
     sslKeystorePassword: mypassword
@@ -173,123 +159,22 @@ nginx-ingress-controller:
       cert: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZEekNDQXZlZ0F3SUJBZ0lVYSthaVJZWG9QTGliSS9wdVJCdi9DZ2RTTDNzd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0Z6RVZNQk1HQTFVRUF3d01LaTUzYkdGdUxteHZZMkZzTUI0WERUSXdNVEl5TVRJd05UQXpNVm9YRFRNdwpNVEl4T1RJd05UQXpNVm93RnpFVk1CTUdBMVVFQXd3TUtpNTNiR0Z1TG14dlkyRnNNSUlDSWpBTkJna3Foa2lHCjl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUEwQjhuZE1raGIzZEN6N0I2aS9kRlFWenJwaEtQK2RmY2JKN1gKMzB3MU1FWDIvM3ZvVStkRlBNbnZrS3hEdFJwanZCbnhCczF6L1VmajlyUFhDSzZkazNNYU5DajRQYVUxem9WQQppK1Z6amc0ZG5XNjJxWG1qYVYrYUMrQm5zQndyQmx2THQ0dkh1eFRLbHh1RnR4THdid3VObGJvS1lVN01kV3oyCllMY3QzUWZBWElVb2FRK1RTMUZGdVdFeEZOTFRidlBGZWNoajB4ZnhyOU5BcU9aTXI0RGE0NHMzVERxMVVyRTIKbjhaZXFxVXZ1YUE4ZmEzQjNVZVRFNmJ4OEdhN1JybG5Dakd3UDRGVml3ajdvellmanV6T2JOM2dlcjdWcEpLMQpMSjdIdDBBemZlRm9aQ2xPbUVBd1p5alFwRGZOckdNTCs1dWtIK2JxWngyaUo5UndFcDNmdlE4em5jN1Q4dHJDCmxzMjRWNUpySWhUQXlCcTZRWVNnSXdXM2V5TmVpUnQ0ZHp6Sk5rNnd4cFp0WE96WTFwamJrV2FMaEhKOW1LRWoKU3lqVVBnS3dKSVlmb3BJbTJoUzl1dVZHZDdiU1MyV055aHJSOU5LSG5Lamo5Y0IrUWU0eEh0Z1pEcm1GZ1ZpZQp0cXZBUHhJL0ZkV1pSN3RmT2JCNTR3alMxVFk3TEd6cll4TDZSMWNjZDE4WUppcGNTS05xa05ORlllZ092VkNICmFldW1OTUdVNlZZalJWS1JmQXMva2FzcWxleGpheSt0SXNtd3dDZGoxUUN3UitRa2VEZFdoNE8vQzM1NENRb28KTkxZYzRNRk8xbVVDY2NsbUgvbFBvcTd1anBCMWI2VmFBNVprNFhjVUpRc0c4SUlSMDFHTFM5RW1HVVZaeTlOWApwV2dCbXNVQ0F3RUFBYU5UTUZFd0hRWURWUjBPQkJZRUZOZlVJSGhXdnFwUzg2ZC82SnJvbmxFYzZMU1NNQjhHCkExVWRJd1FZTUJhQUZOZlVJSGhXdnFwUzg2ZC82SnJvbmxFYzZMU1NNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHcKRFFZSktvWklodmNOQVFFTEJRQURnZ0lCQUtlTW9PckhLZ3BGemtkckVhMVhSSVRUOHFZanhKc04yNmFIMFovLwp1dDRXVkE4ckNDNzV4VkpaNnpBQWlBOFE2eTRYSHBzRzl2ZSs1QlJIWEdCS0lYOU5FZGNrbWdNdExzQ2xOR0JCCkxkN3lWd3hhaGVCQzhVTWIrVTAxMlNwaFc3K0t6UFJhQ3g4cHNMMUlFQUkyblQ1MzlCNDBmR2NyTktNSDRqZGkKdkxad3VxT00rZnJucFJ1MkZlK3Bja2Fwek92SEJTb0I3THovR1dmMWUwZ0llc1B4WEdmVG9hbGM1SzU5bDF1TQpCTkhpUW15S3E4TS9MbllMejhyOWp3dHNKU2lLYUljelpISjNtQ0ZUb3ljREF3NTl3WEdmWXZWcFBMaWZXTTJxCm1uSlJKM2dQS1lzOUhXWFgyYktoSmZoMjRLOTN2M1duMVRUellYOGtTbWlnRG0wTUhOSTNwZktlMmJqVW9MNmgKMlQ4bWhRbjdPQ2dvZHMvOXczR1dOdmFxYTAySHRnc0tTbk9YdmpSNXFMaVFLRjdhMi95TTlrNWNQcUdHaW1GYgppUWV3eUgvMWw2YjQ0T0s2RGwwMVltWFltNUVqR3plckp2aU90eUhSaWhtME01VmNBWWJaYkE0S1Y1eHhLZjRqClIwaktwQXdqbEpzTDdRMk9zTC9IRkxmaDV1RU1HMXlmTzF1blZkVURKK1FBZHJQUG5tZTZVTVFQZm1UcGx1WjAKS3pvOXY3NEpYV0pwQkNtaWNTbFBQdnB3cXZLTk5iOWd6b0hjOXFheWMwNWVxRldRbzNNZjIzYU82b05wU2ZuaAp5aWMvczFQcC9ZS2FHakVSQXB1UmRvYTlWT1diUncycFZMei9rZVNraS9QTDJFRFc4RUVHYjFXcUFBMkJPVVhDCi9oYXQKLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
       key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRd0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQ1Mwd2dna3BBZ0VBQW9JQ0FRRFFIeWQweVNGdmQwTFAKc0hxTDkwVkJYT3VtRW8vNTE5eHNudGZmVERVd1JmYi9lK2hUNTBVOHllK1FyRU8xR21POEdmRUd6WFA5UitQMgpzOWNJcnAyVGN4bzBLUGc5cFRYT2hVQ0w1WE9PRGgyZGJyYXBlYU5wWDVvTDRHZXdIQ3NHVzh1M2k4ZTdGTXFYCkc0VzNFdkJ2QzQyVnVncGhUc3gxYlBaZ3R5M2RCOEJjaFNocEQ1TkxVVVc1WVRFVTB0TnU4OFY1eUdQVEYvR3YKMDBDbzVreXZnTnJqaXpkTU9yVlNzVGFmeGw2cXBTKzVvRHg5cmNIZFI1TVRwdkh3WnJ0R3VXY0tNYkEvZ1ZXTApDUHVqTmgrTzdNNXMzZUI2dnRXa2tyVXNuc2UzUUROOTRXaGtLVTZZUURCbktOQ2tOODJzWXd2N202UWY1dXBuCkhhSW4xSEFTbmQrOUR6T2R6dFB5MnNLV3piaFhrbXNpRk1ESUdycEJoS0FqQmJkN0kxNkpHM2gzUE1rMlRyREcKbG0xYzdOaldtTnVSWm91RWNuMllvU05MS05RK0FyQWtoaCtpa2liYUZMMjY1VVozdHRKTFpZM0tHdEgwMG9lYwpxT1Axd0g1QjdqRWUyQmtPdVlXQldKNjJxOEEvRWo4VjFabEh1MTg1c0huakNOTFZOanNzYk90akV2cEhWeHgzClh4Z21LbHhJbzJxUTAwVmg2QTY5VUlkcDY2WTB3WlRwVmlORlVwRjhDeitScXlxVjdHTnJMNjBpeWJEQUoyUFYKQUxCSDVDUjROMWFIZzc4TGZuZ0pDaWcwdGh6Z3dVN1daUUp4eVdZZitVK2lydTZPa0hWdnBWb0RsbVRoZHhRbApDd2J3Z2hIVFVZdEwwU1laUlZuTDAxZWxhQUdheFFJREFRQUJBb0lDQVFDUVRkbXN4enl3cmUrY1ZCQlVkaW9GCjdTalRhTEY5bWFlVGhQdkhMMjc5dnJWSlpoK3I5WUp6YU16NzhnV3NUOVR4ZXNjOVlUMVlVLzJEZENUWU4wSzUKRnlrSEc1VXNJUjVTeU4vOVlDWWtURE5La3BhQ29mMmxOWTE1U0twOFdMdVlXQlBEZTE4TW41anM5ejlhdGY0Ugo4Ti9GL2szdU5KWGRvYVNmWU1Pakt4bTh6UE05RFhpaTA0SlZ6RWNjMmlXU0crSkQwNmNybWNHUm1SZVBSTWZOCk5Mb1E1ZGw4dUlRN0J2Y0tCNkJpRDlFc2t5YitPWGxmTlo2TUZNaFNXTmpuYSt3L0REN1plWkxYcVczWk45RGYKNStBbGFoNlkzVE1EUGxueXkxRk5CVzN1alZrMWdkS21ESFBEUTNDUFBNWVdEa01qdlVJcWdKRHMySVl6dWIvTwpXRjRVUTV5UEJhZzluaWp1dS9uMVZDdGZuSkxwakZIakU1VzdkK3p1UGh6aUJ1WDFOcjRtOVVJdEpaSTNsYmJtCmdvZFlMdGl4b3RwNWF3ang1eXA3MU1zUHlTZzcrbHBPenA4dStuRENJcnc0K0VSME56MG8yTXFmcmJ2VklGQXIKWHIyc2YrejljbmtxalBWWEZaVks3em1TUHI5N0YrbTV4RHpURG9lTG53aVlhUUpOQ0ZhejhMVERjNldVT2w4SQpLOWhHd3FaK0llTlgreW16em16Nkx6WWVPaGlrRmNRaUI0UXVPSjdWWnZWRmVoS3JJMXJLWHJDRU01VmpJZXBkCkhzR0c1eTlLUkcxdEszSU5ScmI0SHlhRDF6SHJSTHRneFpLT1BvWDN0UjNmbTJ1aGova3dwelZnWTltRXJDWDkKd2I4SVA5TXdRR3REQVNBcjZWVmJvUUtDQVFFQThIeWlaK1lVeFEzQnprL1hoNmZMWWNYakE3NTJrQ204VWZzWQp0d1Z4N0EyNW5YRStiUDRIT3UyVC9kTlc0Tkw1elZPT0JkaWZIcTJQVFNVMGYzQUFHL0pNcnVzM3NrNHd4azM5CitYYlh0dHltWkdxb3FEcVN3TUw2czVpY1RnangvenRhSXk1TWFKYWhUYUpNdFRQQlVpZ3U3enhoeGNwVlhNVUMKTklHcFl5Mkt5R2hyMjVVOFdlR0RYQm9SS2xYUXJXYkNZeW1kMXdYQStEaVl0dzA5eit0VHhPNTRodjFCZkJKZwpWMGd0VWdJU0I2WEZDMU9CWDZXQ1pXYlhCN2hPaHhISjNkNHAyQlZyN0gxL2JDQ0ZvVDY5by9WQVNHRmdtTHRiCnpGalRNbjFIaTluVW5jUFlScWpsN1h0NWdPOHBOa3BwMjVrNHIxRVludWhIazcrYzdRS0NBUUVBM1l3THozNloKNEVPRndvODIrUlVId2lkaFExOEdrU1JvWStKVm1udXJpSXdHZTk3ZmRTVk91d092SDlZSVhsRWpjRitoOHFQVQpJVnpIOXBuYXZjTENEMnhIOWZ5d09ML3pmYmJnYnExZjV4Y3BOUXlYM1JnTGFDUVpLNkpJa3NzOUtDb0dhSzlaCmpMVm41MjFFZlFBRE5DSi93YlRCb3dLQ0dTNDUzSzRBaWFEWHN6TkJLUk5MOHVaWWYwK0x0U2IzV3lkZVQ2eUgKdGZiSXR3NlBSS1lxb2NaeGIrM0pWQWFHcGxScjVZSlNDU1BtTjFMSjU0djlTcXBIVnJMNzJudFNwKzdDODJ6SgpJajVOSXFEOGFsOVZ3WFB5dExRd25hYWc1TW5ka0NLQ3R0MlVHSGZwMEh3ZTJTL1hkemppS2gzZTZaT3MyMSt1CitQUHVrSkUxTTZzU09RS0NBUUJjWVJRbDR6MUJRUHFjM1JESEhJN0UvVFlxWHdTK2RqblFLQ3VqU3FVcmIwNUoKQzVKV1hmSzdFVDVUTjliY3dFNlRNRENUVUZZM2U2WmJsUm9vaGdhVXRhdjlXWC9vcjU2TzNyRGNIbW5ZNWNQSgpPU3VXakFHSnFKeVRWdUZjSEpXUlhPUlFOVjNHbzI1Tkd6WnFPUHBmSys1em1mZFkrbE4yTW51WlhlR0twcGowClNTQjlsa003cDZSRlFnSXNDQkVFTzBBYXhZYkxiWHRtSHArVFdiUFA1ZThrN0JKQ2tKQ1NMNkR3aGxwYWNVOHAKdnVVRlo4dC95VjFneEhOL2xLNGR0cGliOE5hVUdnNStKdXRHeHV0dU9HS3kwK2dncGI5c2pEUkVPQzdRNjAwTApqTjdleDdlUjFSbVY4Mk9HUXRqSzhTVGU1V25mOXNBRmN1YmorNncxQW9JQkFHYXM4Z2hQRHpkOWM2OXd1alNFCkI1MTJyTUFSZVRTcEgrd3l5Q09aYnkwUVlDem1aTCtnODdUK2h4b0ZFc25MWnRZOHJBeU0ydEkvY3JrYUl1TlIKTUtqL01QYVREb1N1aVVWWkRQaWVSMVVOU2Q2NUlHU3FNUmNwcTdTcU9HSTM2UGNGU3dVWFJ6Uk1Hb1NLQW5UQQpIYnY2eFNUY0JlWHJVcW9pMzFRa0hFR3NsbXNKdFFnNVZqaVRncTQyQ25TQlE2QXVSYW85Tm9RaGhISTZRREc3CnBRUm11TW43OVJPSkZyeGRZY2Z6TnR2ZmxHRk5jQjlzcEk0SERwcml4cEJDR1ZPVTl5cmozdStNMmlqVFhVaGIKT0o0NGcySTJKRlhjRkxNVHp5aHVwZy9qN3kvTDIwUHhVa2Fyd25zUmxOZWFFbVpFTjVkUDZBS2U0cENEaTVtUApqaGtDZ2dFQkFMUmtVeG9oZDh2ZVBwR3hPbWlOak5HekpiTDlscGx0TWxhR0dPQ3JOUkZSeEppblgzWU9UVnhiCkRFVlpqaXRHNldydzFxaDdnZXAzeEdJaWZHQ1lZV3pNc0RZTitueGtwV0lRRmZOV3dYemNRWlhrTEduZVlUdTAKSVU2RjY5Myt1Q0tkcHVCdVl0d3BQNEJCVkNCRTVON0FzRGV4bFBYTzk1cEw3ZzR4OG5RckdNeGJlRXVOdytaTwpPYmYvTnFFMGZZcURkaERiVHI0UDR6bUpBRlpYeDlKMjNJdWRMUFI3MDZITGZ5bDMrb1pUS2Y2ZWdEL1drWXZGCllLdEtDZzI1UmtSYmZBakZkeDlpOVkzcDlPNEFNVUNaRVFIOWQwU1d6LzJWR0VmYzVha09YL2xvWlAyUXF3c2UKeXMyc0k1U0Z5TEd1ZGM3R2MzVTd5UGd0RVN0elVoWT0KLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo=
 
+
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: hostpath
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: hostpath
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     storageClass: hostpath
-  volumePermissions:
+
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/dev-integrated-aws-tip.yaml

@@ -3,7 +3,6 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment:
   testingEnabled: true
@@ -66,121 +65,19 @@ nginx-ingress-controller:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: gp2
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: gp2
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     storageClass: gp2
-  volumePermissions:
+
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/dev-integrated.yaml

@@ -66,121 +66,18 @@ nginx-ingress-controller:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: glusterfs-storage
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: glusterfs-storage
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     storageClass: glusterfs-storage
-  volumePermissions:
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/dev-local.yaml

@@ -22,24 +22,10 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment: false
   testingEnabled:
 
-  kafka:
-    image: confluentinc/cp-kafka:5.0.1
-    port: 9092
-    topics:
-    - name: wlan_service_metrics
-      partitions: 1
-      replicationFactor: 1
-    - name: system_events
-      partitions: 1
-      replicationFactor: 1
-    - name: customer_events
-      partitions: 1
-      replicationFactor: 1
   creds:
     sslKeyPassword: mypassword
     sslKeystorePassword: mypassword
@@ -181,121 +167,18 @@ nginx-ingress-controller:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: standard
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: standard
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     storageClass: standard
-  volumePermissions:
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/dev-microk8s.yaml

@@ -22,25 +22,11 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment: false
   testingEnabled: false
   testingTimestamp:
 
-  kafka:
-    image: confluentinc/cp-kafka:5.0.1
-    port: 9092
-    topics:
-    - name: wlan_service_metrics
-      partitions: 1
-      replicationFactor: 1
-    - name: system_events
-      partitions: 1
-      replicationFactor: 1
-    - name: customer_events
-      partitions: 1
-      replicationFactor: 1
   creds:
     sslKeyPassword: mypassword
     sslKeystorePassword: mypassword
@@ -186,121 +172,18 @@ nginx-ingress-controller:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: microk8s-hostpath
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: microk8s-hostpath
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     storageClass: microk8s-hostpath
-  volumePermissions:
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/dev-no-gluster.yaml

@@ -3,7 +3,6 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment: false
   testingEnabled: false
@@ -97,118 +96,18 @@ nginx-ingress-controller:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
-  metrics:
+    storageClass: ""
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
-  replicaCount: 1
+    storageClass: ""
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
-  volumePermissions:
+    storageClass: ""
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/dev.yaml

@@ -22,7 +22,6 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment: false
   testingEnabled: false
@@ -159,121 +158,18 @@ nginx-ingress-controller:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: glusterfs-storage
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: glusterfs-storage
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: falsea
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     storageClass: glusterfs-storage
-  volumePermissions:
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/resources/environments/disable-allcharts.yaml

@@ -3,7 +3,6 @@ global:
   nodePortPrefixExt: 304
 
   pullPolicy: Always
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
 
   integratedDeployment: false
   testingEnabled:

tip-wlan/resources/environments/migration.yaml

@@ -1,17 +1,4 @@
 global:
-  kafka:
-    image: confluentinc/cp-kafka:5.0.1
-    port: 9092
-    topics:
-    - name: wlan_service_metrics
-      partitions: 1
-      replicationFactor: 1
-    - name: system_events
-      partitions: 1
-      replicationFactor: 1
-    - name: customer_events
-      partitions: 1
-      replicationFactor: 1
   creds:
     sslKeyPassword: mypassword
     sslKeystorePassword: mypassword
@@ -19,121 +6,18 @@ global:
 
 kafka:
   enabled: true
-  replicaCount: 1
-  image:
-    debug: true
-  auth:
-    clientProtocol: mtls
-    interBrokerProtocol: tls
-    jksSecret: tip-common-kafka-certs
-    jksPassword: mypassword
-    tlsEndpointIdentificationAlgorithm: ""
-    jaas:
-      clientUsers:
-      - brokerUser
-      clientPassword:
-      - brokerPassword
-  extraEnvVars:
-  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
-    value: PKCS12
-  allowPlaintextListener: true
   persistence:
     enabled: true
     storageClass: REPLACEME
-  metrics:
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      selector:
-        release: prometheus-operator
-  zookeeper:
-    enabled: true
-    persistence:
-      enabled: true
 
 cassandra:
   enabled: true
-  tlsEncryptionSecretName: tip-common-cassandra-certs
-  image:
-    debug: true
   persistence:
     enabled: true
     storageClass: REPLACEME
-  replicaCount: 1
-  cluster:
-    name: TipWlanCluster
-    seedCount: 1
-    internodeEncryption: all
-    clientEncryption: true
-  exporter:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      additionalLabels:
-        release: prometheus-operator
-  dbUser:
-    user: cassandra
-    password: cassandra
-  resources:
-    limits: {}
-    requests:
-      cpu: 1
-      memory: 3Gi
 
 postgresql:
   enabled: true
-  postgresqlDatabase: tip
-  image:
-    debug: true
-  metrics:
-    enabled: false
-    serviceMonitor:
-      enabled: false
-      namespace: monitoring
-      additionalLabels:
-        release: prometheus-operator
-  postgresqlUsername: postgres
-  postgresqlPassword: postgres
-  pgHbaConfiguration: |
-    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
-    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
-    hostssl postgres postgres ::/0 cert clientcert=1
-    hostssl all all 0.0.0.0/0 md5 clientcert=1
-  replication:
-    enabled: true
-    user: repl_user
-    password: repl_password
-    slaveReplicas: 1
   persistence:
     enabled: true
     existingClaim: data-tip-wlan-postgresql-master-0
-  volumePermissions:
-    enabled: true
-  livenessProbe:
-    enabled: false
-  readinessProbe:
-    enabled: false
-  tls:
-    enabled: true
-    certificatesSecret: tip-common-postgres-certs
-    certFilename: cert.crt
-    certKeyFilename: cert.key
-    certCAFilename: cacert.pem
-  initdbScriptsConfigMap: tip-common-postgres-scripts
-  extraEnv:
-  - name: PGSSLCERT
-    value: /opt/tip-wlan/certs/postgresclientcert.pem
-  - name: PGSSLKEY
-    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
-  - name: PGSSLROOTCERT
-    value: /opt/tip-wlan/certs/cacert.pem
-  primary:
-    extraInitContainers:
-    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
-      name: chmod-client-cert-additional
-      securityContext:
-        runAsUser: 0
-      volumeMounts:
-      - mountPath: /opt/bitnami/postgresql/certs
-        name: postgresql-certificates

tip-wlan/templates/docker-secret.yaml

@@ -1,6 +1,13 @@
+{{- define "imagePullSecret" }}
+{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.global.repository.registry (printf "%s:%s" .Values.global.repository.username .Values.global.repository.password | b64enc) | b64enc }}
+{{- end }}
+
 {{- if (.Values.createDockerRegistrySecret | default false) -}}
+
+---
 apiVersion: v1
 kind: Secret
+type: kubernetes.io/dockerconfigjson
 metadata:
   name: {{ .Release.Namespace }}-docker-registry-key
   namespace: {{ .Release.Namespace }}
@@ -10,6 +17,5 @@ metadata:
     release: {{ .Release.Name }}
     heritage: {{ .Release.Service }}
 data:
-  .dockerconfigjson: {{ .Values.dockerRegistrySecret }}
+  .dockerconfigjson: {{ template "imagePullSecret" . }}
-type: kubernetes.io/dockerconfigjson
 {{- end}}

tip-wlan/templates/kafka-dependencies.yaml

@@ -22,7 +22,7 @@ data:
   server.pkcs12: {{ .Files.Get "resources/certs/server.pkcs12" | b64enc }}
 
 
-{{ if .Values.global.kafka.topics }}
+{{ if .Values.kafka.initJobConfig.topics }}
 {{- $zk := printf "%s-zookeeper-headless" .Release.Name -}}
 ---
 apiVersion: batch/v1
@@ -37,7 +37,7 @@ spec:
       restartPolicy: OnFailure
       initContainers:
       - name: depends-on
-        image: {{ .Values.global.kafka.image }}
+        image: {{ .Values.kafka.initJobConfig.image }}
         command:
         - bash
         - -c
@@ -47,7 +47,7 @@ spec:
             echo "Waiting for Zookeeper..."
             sleep 20
           done
-          until nc -z {{ $.Release.Name }}-kafka {{ .Values.global.kafka.port }} || (( retries++ >= 6 ))
+          until nc -z {{ $.Release.Name }}-kafka {{ .Values.kafka.initJobConfig.port }} || (( retries++ >= 6 ))
           do
             echo "Waiting for Kafka..."
             sleep 20
@@ -60,7 +60,7 @@ spec:
         - -c
         - |
           set -e
-        {{- range $n, $topic := .Values.global.kafka.topics }}
+        {{- range $n, $topic := .Values.kafka.initJobConfig.topics }}
           {{- if and $topic.partitions $topic.replicationFactor $topic.reassignPartitions }}
           cat << EOF > {{ $topic.name }}-increase-replication-factor.json
             {"version":1, "partitions":[

tip-wlan/values.yaml

@@ -37,11 +37,13 @@ global:
   nodePortPrefix: 302
   nodePortPrefixExt: 304
 
-  repository: tip-tip-wlan-cloud-docker-repo.jfrog.io
+  repository:
+    registry: tip-tip-wlan-cloud-docker-repo.jfrog.io
+    username: tip-read
+    password: tip-read
   # image pull policy
   pullPolicy: Always
 
-
   # flag to enable debugging - application support required
   debugEnabled: false
 
@@ -84,11 +86,144 @@ wlan-port-forwarding-gateway-service:
   enabled: false
 wlan-integrated-cloud-component-service:
   enabled: false
+
 nginx-ingress-controller:
   enabled: false
+
 kafka:
+  initJobConfig:
+    image: confluentinc/cp-kafka:5.0.1
+    port: 9092
+    topics:
+    - name: wlan_service_metrics
+      partitions: 1
+      replicationFactor: 1
+    - name: system_events
+      partitions: 1
+      replicationFactor: 1
+    - name: customer_events
+      partitions: 1
+      replicationFactor: 1
+  creds:
+    sslKeyPassword: mypassword
+    sslKeystorePassword: mypassword
+    sslTruststorePassword: mypassword
   enabled: false
+  replicaCount: 1
+  image:
+    debug: true
+  auth:
+    clientProtocol: mtls
+    interBrokerProtocol: tls
+    jksSecret: tip-common-kafka-certs
+    jksPassword: mypassword
+    tlsEndpointIdentificationAlgorithm: ""
+    jaas:
+      clientUsers:
+      - brokerUser
+      clientPassword:
+      - brokerPassword
+  extraEnvVars:
+  - name: KAFKA_CFG_SSL_KEYSTORE_TYPE
+    value: PKCS12
+  allowPlaintextListener: true
+  persistence:
+    enabled: true
+    storageClass: glusterfs-storage
+  metrics:
+    serviceMonitor:
+      enabled: false
+      namespace: monitoring
+      selector:
+        release: prometheus-operator
+  zookeeper:
+    enabled: true
+    persistence:
+      enabled: true
+
 cassandra:
   enabled: false
+  tlsEncryptionSecretName: tip-common-cassandra-certs
+  image:
+    debug: true
+  persistence:
+    enabled: true
+    storageClass: glusterfs-storage
+  replicaCount: 1
+  cluster:
+    name: TipWlanCluster
+    seedCount: 1
+    internodeEncryption: all
+    clientEncryption: true
+  exporter:
+    enabled: false
+    serviceMonitor:
+      enabled: false
+      additionalLabels:
+        release: prometheus-operator
+  dbUser:
+    user: cassandra
+    password: cassandra
+  resources:
+    limits: {}
+    requests:
+      cpu: 1
+      memory: 3Gi
+
 postgresql:
-  enabled: false
+  enabled: false
+  postgresqlDatabase: tip
+  image:
+    debug: true
+  metrics:
+    enabled: false
+    serviceMonitor:
+      enabled: falsea
+      namespace: monitoring
+      additionalLabels:
+        release: prometheus-operator
+  postgresqlUsername: postgres
+  postgresqlPassword: postgres
+  pgHbaConfiguration: |
+    hostssl replication repl_user 0.0.0.0/0 md5 clientcert=0
+    hostssl postgres postgres 0.0.0.0/0 cert clientcert=1
+    hostssl postgres postgres ::/0 cert clientcert=1
+    hostssl all all 0.0.0.0/0 md5 clientcert=1
+  replication:
+    enabled: true
+    user: repl_user
+    password: repl_password
+    slaveReplicas: 1
+  persistence:
+    enabled: true
+    storageClass: glusterfs-storage
+  volumePermissions:
+    enabled: true
+  livenessProbe:
+    enabled: false
+  readinessProbe:
+    enabled: false
+  tls:
+    enabled: true
+    certificatesSecret: tip-common-postgres-certs
+    certFilename: cert.crt
+    certKeyFilename: cert.key
+    certCAFilename: cacert.pem
+  initdbScriptsConfigMap: tip-common-postgres-scripts
+  extraEnv:
+  - name: PGSSLCERT
+    value: /opt/tip-wlan/certs/postgresclientcert.pem
+  - name: PGSSLKEY
+    value: /opt/tip-wlan/certs/postgresclientkey_dec.pem
+  - name: PGSSLROOTCERT
+    value: /opt/tip-wlan/certs/cacert.pem
+  primary:
+    extraInitContainers:
+    - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
+      image: busybox:latest
+      name: chmod-client-cert-additional
+      securityContext:
+        runAsUser: 0
+      volumeMounts:
+      - mountPath: /opt/bitnami/postgresql/certs
+        name: postgresql-certificates