cscott/apigateway-ocp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated to 7.7.0.20250830-3-BN0276-ubi

Browse Source 
Updated ANM destinationCertCA for 7.7.0.20250830-3-BN0276-ubi
This commit is contained in:
Conan Scott
2025-11-20 15:56:45 +08:00
parent 0a203fc035
commit 555c441ad1
79 changed files with 8102 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
apigateway/charts/v7-discovery/.helmignore Normal file
View File

@@ -0,0 +1,26 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/
jfrog.yml
.gitlab-ci.yml
polaris.json

10
apigateway/charts/v7-discovery/Chart.yaml Normal file
View File

@@ -0,0 +1,10 @@
apiVersion: v2
appVersion: 1.2.35
description: V7 discovery agent
maintainers:
- name: axway/beano
name: v7-discovery
sources:
- https://git.ecd.axway.org/apigov/v7_discovery_agent
type: application
version: 1.2.35

33
apigateway/charts/v7-discovery/README.md Normal file
View File

@@ -0,0 +1,33 @@
## Prerequisites
Before the chart can be installed make sure to have the secrets installed/available.
i.e if you look at line 31(secrets) in the values.yaml file, you will notice we are referencing two files.
discovery-creds can be applied by using the following format for the secret.
Make sure all the values are base64 encoded before applying it in the cluster.
kubectl apply -f <creds-FILENAME.yaml>
``` yaml
apiVersion: v1
kind: Secret
metadata:
name: discovery-creds
data:
APIMANAGER_AUTH_USERNAME: ""
APIMANAGER_AUTH_PASSWORD: ""
APIGATEWAY_AUTH_USERNAME: ""
APIGATEWAY_AUTH_PASSWORD: ""
```
kubectl apply -f <keys-FILENAME.yaml>
``` yaml
apiVersion: v1
kind: Secret
metadata:
name: discovery-keys
data:
private_key: <PRIVATE_KEY_BASE64>
public_key: <PUBLIC_KEY_BASE64>
```

0
apigateway/charts/v7-discovery/templates/NOTES.txt Normal file
View File

78
apigateway/charts/v7-discovery/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,78 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "v7-discovery.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "v7-discovery.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "v7-discovery.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "v7-discovery.labels" -}}
helm.sh/chart: {{ include "v7-discovery.chart" . }}
{{ include "v7-discovery.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "v7-discovery.selectorLabels" -}}
app.kubernetes.io/name: {{ include "v7-discovery.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "v7-discovery.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "v7-discovery.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
{{/*
Create the image name
*/}}
{{- define "v7-discovery.imageName" -}}
{{- if .Values.image.fullPath }}
{{- .Values.image.fullPath }}
{{- else }}
{{- $tag := default .Chart.AppVersion .Values.image.tag -}}
{{- if .Values.image.registry }}
{{- printf "%s/%s/%s:%s" .Values.image.registry .Values.image.repository .Values.image.name $tag }}
{{- else }}
{{- printf "%s/%s:%s" .Values.image.repository .Values.image.name $tag }}
{{- end }}
{{- end }}
{{- end }}

112
apigateway/charts/v7-discovery/templates/deployment.yaml Normal file
View File

@@ -0,0 +1,112 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "v7-discovery.fullname" . }}
labels:
{{- include "v7-discovery.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "v7-discovery.selectorLabels" . | nindent 6 }}
{{- with .Values.additionalLabels }}
{{- range $key, $value := . }}
{{ default "none" $key }}: {{ default "none" $value | quote }}
{{- end }}
{{- end }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "v7-discovery.selectorLabels" . | nindent 8 }}
{{- with .Values.additionalLabels }}
{{- range $key, $value := . }}
{{ default "none" $key }}: {{ default "none" $value | quote }}
{{- end }}
{{- end }}
spec:
{{- if .Values.image.pullSecret }}
imagePullSecrets:
- name: {{ .Values.image.pullSecret }}
{{- end }}
serviceAccountName: {{ include "v7-discovery.serviceAccountName" . }}
{{- with .Values.podSecurityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: {{ include "v7-discovery.imageName" . }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: probe-port
containerPort: {{ .Values.statusPort }}
protocol: TCP
livenessProbe:
httpGet:
path: /status
port: probe-port
{{- with .Values.livenessProbe }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value }}
{{- end }}
{{- end }}
readinessProbe:
httpGet:
path: /status
port: probe-port
{{- with .Values.readinessProbe }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value }}
{{- end }}
{{- end }}
env:
{{- with .Values.env }}
{{- range $key, $value := . }}
{{- if and (not (eq (toString $value) "")) (not (eq (toString $key) "")) }} # ignore any items with empty key or value
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- end }}
{{- end }}
- name: APIMANAGER_AUTH_USERNAME
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.credentials }}
key: APIMANAGER_AUTH_USERNAME
- name: APIMANAGER_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.secrets.credentials }}
key: APIMANAGER_AUTH_PASSWORD
volumeMounts:
- name: "discovery-keys-secrets"
mountPath: "/keys"
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumes:
- name: discovery-keys-secrets
secret:
secretName: {{ .Values.secrets.keys }}
items:
- key: private_key
path: private_key.pem
- key: public_key
path: public_key.pem
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

12
apigateway/charts/v7-discovery/templates/serviceaccount.yaml Normal file
View File

@@ -0,0 +1,12 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "v7-discovery.serviceAccountName" . }}
labels:
{{- include "v7-discovery.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

67
apigateway/charts/v7-discovery/values.yaml Normal file
View File

@@ -0,0 +1,67 @@
replicaCount: 1
image:
# blank by default, set this to override all other properties that create the path
fullPath: ""
registry: docker.repository.axway.com
repository: ampc-docker-prod/1.2
name: v7-discovery-agent
pullPolicy: IfNotPresent
pullSecret:
# Overrides the image tag whose default is the chart appVersion.
tag: "1.2.35"
nameOverride: ""
fullnameOverride: ""
# Health Check port
statusPort: 8989
# Info on how to fetch the values for the env parameters can ve found in the below doc.
# https://docs.axway.com/bundle/axway-open-docs/page/docs/central/connect-api-manager/gateway-administation/index.html#customizing-the-discovery-agent-environment-variable-file
# More environment value: https://docs.axway.com/bundle/axway-open-docs/page/docs/central/connect-api-manager/agent-variables/index.html#common-variables-to-both-agents
env:
LOG_LEVEL: info
APIMANAGER_PORT: "443"
# flip to true if API manager is using a self signed certificate
APIMANAGER_SSL_INSECURESKIPVERIFY: false
# The below secret are a pre-requisite. Please refer to the readme file for more info on it.
secrets:
credentials: "discovery-creds"
keys: "discovery-keys"
podAnnotations:
podSecurityContext:
supplementalGroups: [2500]
fsGroupChangePolicy: "OnRootMismatch"
securityContext:
tolerations:
affinity:
nodeSelector: {}
# Add additional labels to the agent deployment which may be required based on your configuration
additionalLabels:
serviceAccount:
# Specifies whether a service account should be created
create: true
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name:
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
readinessProbe:
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3