diff --git a/api/helm/commonground-gateway-1.5.6.tgz b/api/helm/commonground-gateway-1.5.6.tgz index de1e40a1b..4820f9c89 100644 Binary files a/api/helm/commonground-gateway-1.5.6.tgz and b/api/helm/commonground-gateway-1.5.6.tgz differ diff --git a/api/helm/commonground-gateway/templates/consumer.yaml b/api/helm/commonground-gateway/templates/consumer.yaml index 818c5c410..75a64062c 100644 --- a/api/helm/commonground-gateway/templates/consumer.yaml +++ b/api/helm/commonground-gateway/templates/consumer.yaml @@ -53,6 +53,13 @@ spec: - name: vendor persistentVolumeClaim: claimName: {{ include "commonground-gateway.fullname" . }}-vendor + {{- if .Values.security.postgresCert }} + - name: postgres-certificate + projected: + sources: + - secret: + name: {{ include "commonground-gateway.fullname" . }}-postgresCert + {{- end }} initContainers: - name: {{ include "commonground-gateway.fullname" . }}-init securityContext: @@ -86,7 +93,13 @@ spec: - mountPath: /var/run/idp name: idp-certificate readOnly: true - {{- end }} + {{- end }} + {{- if .Values.security.postgresCert }} + - mountPath: /srv/api/var/certs/postgres.crt + subPath: certificate.crt + name: postgres-certificate + readOnly: true + {{- end }} - mountPath: /srv/api/vendor subPath: vendor name: vendor @@ -161,6 +174,8 @@ spec: secretKeyRef: key: database-url name: {{ include "commonground-gateway.fullname" . }} + - name: DATABASE_ROOT_CERT + value: /srv/api/var/certs/postgres.crt - name: CACHE_URL valueFrom: secretKeyRef: @@ -247,6 +262,8 @@ spec: configMapKeyRef: key: redis-port name: {{ include "commonground-gateway.fullname" . }} + - name: REDIS_PROTOCOL + value: {{ .Values.security.redisProtocol }} {{- end }} - name: SAML_ENABLED valueFrom: diff --git a/api/helm/commonground-gateway/templates/cron-runner.yaml b/api/helm/commonground-gateway/templates/cron-runner.yaml index dfe1509e7..158b3d980 100644 --- a/api/helm/commonground-gateway/templates/cron-runner.yaml +++ b/api/helm/commonground-gateway/templates/cron-runner.yaml @@ -60,7 +60,14 @@ spec: - name: vendor persistentVolumeClaim: claimName: {{ include "commonground-gateway.fullname" . }}-vendor - + + {{- if .Values.security.postgresCert }} + - name: postgres-certificate + projected: + sources: + - secret: + name: {{ include "commonground-gateway.fullname" . }}-postgresCert + {{- end }} initContainers: - name: {{ include "commonground-gateway.fullname" . }}-init securityContext: @@ -120,6 +127,12 @@ spec: subPath: bundles.php name: vendor readOnly: false + {{- if .Values.security.postgresCert }} + - mountPath: /srv/api/var/certs/postgres.crt + subPath: certificate.crt + name: postgres-certificate + readOnly: true + {{- end }} args: - bin/console - cronjob:command @@ -169,6 +182,8 @@ spec: secretKeyRef: key: database-url name: {{ include "commonground-gateway.fullname" . }} + - name: DATABASE_ROOT_CERT + value: /srv/api/var/certs/postgres.crt - name: CACHE_URL valueFrom: secretKeyRef: @@ -257,6 +272,8 @@ spec: configMapKeyRef: key: redis-port name: {{ include "commonground-gateway.fullname" . }} + - name: REDIS_PROTOCOL + value: {{ .Values.security.redisProtocol }} {{- end }} - name: SAML_ENABLED valueFrom: diff --git a/api/helm/index.yaml b/api/helm/index.yaml index ea12fa4aa..d6936e836 100644 --- a/api/helm/index.yaml +++ b/api/helm/index.yaml @@ -3,7 +3,7 @@ entries: commonground-gateway: - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.879766399+02:00" + created: "2024-04-23T15:30:09.885970934+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -25,7 +25,7 @@ entries: repository: https://raw.githubusercontent.com/ConductionNL/gateway-ui/development/helm/ version: 0.1.7 description: A Helm chart for Kubernetes - digest: 4f33a3c18d90beec72ff67db7b512fcef15014d153d0c29d50130f7d8fc60a39 + digest: c30f4175e7f99e51da2f32f0518dfbb4d1216cb5896d5ae83b23a400a85c794b name: commonground-gateway type: application urls: @@ -33,7 +33,7 @@ entries: version: 1.5.6 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.827292163+02:00" + created: "2024-04-23T15:30:09.822785036+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -63,7 +63,7 @@ entries: version: 1.5.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.764379488+02:00" + created: "2024-04-23T15:30:09.72900806+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -93,7 +93,7 @@ entries: version: 1.5.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.705200077+02:00" + created: "2024-04-23T15:30:09.63242211+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -123,7 +123,7 @@ entries: version: 1.5.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.647209064+02:00" + created: "2024-04-23T15:30:09.552968004+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -153,7 +153,7 @@ entries: version: 1.5.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.580406889+02:00" + created: "2024-04-23T15:30:09.474294011+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -183,7 +183,7 @@ entries: version: 1.5.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.518147017+02:00" + created: "2024-04-23T15:30:09.388993723+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -213,7 +213,7 @@ entries: version: 1.5.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.457355191+02:00" + created: "2024-04-23T15:30:09.302182013+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -243,7 +243,7 @@ entries: version: 1.4.7 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.399908739+02:00" + created: "2024-04-23T15:30:09.214618345+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -273,7 +273,7 @@ entries: version: 1.4.6 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.340080572+02:00" + created: "2024-04-23T15:30:09.091851597+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -303,7 +303,7 @@ entries: version: 1.4.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.277930504+02:00" + created: "2024-04-23T15:30:08.981662526+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -333,7 +333,7 @@ entries: version: 1.4.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.220819618+02:00" + created: "2024-04-23T15:30:08.885033255+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -363,7 +363,7 @@ entries: version: 1.4.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.164654338+02:00" + created: "2024-04-23T15:30:08.75496482+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -393,7 +393,7 @@ entries: version: 1.4.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.105758953+02:00" + created: "2024-04-23T15:30:08.641123613+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -423,7 +423,7 @@ entries: version: 1.4.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:14.04930785+02:00" + created: "2024-04-23T15:30:08.4984428+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -453,7 +453,7 @@ entries: version: 1.4.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.991793117+02:00" + created: "2024-04-23T15:30:08.359581474+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -483,7 +483,7 @@ entries: version: 1.3.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.930083103+02:00" + created: "2024-04-23T15:30:08.288308632+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -513,7 +513,7 @@ entries: version: 1.3.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.869917931+02:00" + created: "2024-04-23T15:30:08.234665148+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -543,7 +543,7 @@ entries: version: 1.2.9 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.818026397+02:00" + created: "2024-04-23T15:30:08.18081359+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -569,7 +569,7 @@ entries: version: 1.2.8 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.763732478+02:00" + created: "2024-04-23T15:30:08.080877556+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -595,7 +595,7 @@ entries: version: 1.2.7 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.707528584+02:00" + created: "2024-04-23T15:30:08.028154586+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -621,7 +621,7 @@ entries: version: 1.2.6 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.64468695+02:00" + created: "2024-04-23T15:30:07.967764037+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -647,7 +647,7 @@ entries: version: 1.2.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.585738505+02:00" + created: "2024-04-23T15:30:07.904947002+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -673,7 +673,7 @@ entries: version: 1.2.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.523411767+02:00" + created: "2024-04-23T15:30:07.851892023+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -699,7 +699,7 @@ entries: version: 1.2.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.457232166+02:00" + created: "2024-04-23T15:30:07.794173768+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -725,7 +725,7 @@ entries: version: 1.2.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.399333792+02:00" + created: "2024-04-23T15:30:07.734488769+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -751,7 +751,7 @@ entries: version: 1.2.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.344104914+02:00" + created: "2024-04-23T15:30:07.673986604+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -777,7 +777,7 @@ entries: version: 1.2.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.289119163+02:00" + created: "2024-04-23T15:30:07.61319341+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -803,7 +803,7 @@ entries: version: 1.1.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.234898971+02:00" + created: "2024-04-23T15:30:07.542390243+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -829,7 +829,7 @@ entries: version: 1.1.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.179728244+02:00" + created: "2024-04-23T15:30:07.477926538+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -855,7 +855,7 @@ entries: version: 1.1.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.127093828+02:00" + created: "2024-04-23T15:30:07.413901086+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -881,7 +881,7 @@ entries: version: 1.1.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.073036305+02:00" + created: "2024-04-23T15:30:07.359452373+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -907,7 +907,7 @@ entries: version: 1.1.0 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:13.01598044+02:00" + created: "2024-04-23T15:30:07.305318185+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -933,7 +933,7 @@ entries: version: 1.0.7 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:12.961450029+02:00" + created: "2024-04-23T15:30:07.240032748+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -959,7 +959,7 @@ entries: version: 1.0.6 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:12.899176308+02:00" + created: "2024-04-23T15:30:07.178725114+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -985,7 +985,7 @@ entries: version: 1.0.5 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:12.841616686+02:00" + created: "2024-04-23T15:30:07.112783402+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1011,7 +1011,7 @@ entries: version: 1.0.4 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:12.782443236+02:00" + created: "2024-04-23T15:30:07.059481513+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1037,7 +1037,7 @@ entries: version: 1.0.3 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:12.726135819+02:00" + created: "2024-04-23T15:30:07.007977322+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1063,7 +1063,7 @@ entries: version: 1.0.2 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:12.67455664+02:00" + created: "2024-04-23T15:30:06.944318216+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1089,7 +1089,7 @@ entries: version: 1.0.1 - apiVersion: v2 appVersion: "2.2" - created: "2024-04-23T14:24:12.610836855+02:00" + created: "2024-04-23T15:30:06.876336666+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1115,7 +1115,7 @@ entries: version: 1.0.0 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.225347703+02:00" + created: "2024-04-23T15:30:06.449422857+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1137,7 +1137,7 @@ entries: version: 0.1.13 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.183292985+02:00" + created: "2024-04-23T15:30:06.405072706+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1159,7 +1159,7 @@ entries: version: 0.1.12 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.145013193+02:00" + created: "2024-04-23T15:30:06.367047975+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1181,7 +1181,7 @@ entries: version: 0.1.11 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.108156902+02:00" + created: "2024-04-23T15:30:06.326640441+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1203,7 +1203,7 @@ entries: version: 0.1.10 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.550103432+02:00" + created: "2024-04-23T15:30:06.815342448+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1225,7 +1225,7 @@ entries: version: 0.1.9 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.510572167+02:00" + created: "2024-04-23T15:30:06.766993414+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1247,7 +1247,7 @@ entries: version: 0.1.8 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.467899297+02:00" + created: "2024-04-23T15:30:06.721484487+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1269,7 +1269,7 @@ entries: version: 0.1.7 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.417318232+02:00" + created: "2024-04-23T15:30:06.666659081+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1288,7 +1288,7 @@ entries: version: 0.1.6 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.384966234+02:00" + created: "2024-04-23T15:30:06.629689069+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1307,7 +1307,7 @@ entries: version: 0.1.5 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.347888802+02:00" + created: "2024-04-23T15:30:06.595947102+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1326,7 +1326,7 @@ entries: version: 0.1.4 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.316081016+02:00" + created: "2024-04-23T15:30:06.564415397+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1345,7 +1345,7 @@ entries: version: 0.1.3 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.286401437+02:00" + created: "2024-04-23T15:30:06.523960306+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1364,7 +1364,7 @@ entries: version: 0.1.2 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.071132498+02:00" + created: "2024-04-23T15:30:06.281889306+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1383,7 +1383,7 @@ entries: version: 0.1.1 - apiVersion: v2 appVersion: 1.16.0 - created: "2024-04-23T14:24:12.029331955+02:00" + created: "2024-04-23T15:30:06.240206182+02:00" dependencies: - condition: postgresql.enabled name: postgresql @@ -1400,4 +1400,4 @@ entries: urls: - commonground-gateway-0.1.0.tgz version: 0.1.0 -generated: "2024-04-23T14:24:11.99523647+02:00" +generated: "2024-04-23T15:30:06.208615197+02:00"