Skip to content
This repository has been archived by the owner on Mar 12, 2024. It is now read-only.

Charts config log and timeout #25

Merged
4 changes: 2 additions & 2 deletions charts/managed-identity-wallets/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,8 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.7.1
appVersion: 3.3.1
version: 0.7.2
appVersion: 3.3.2

dependencies:
- name: postgresql
Expand Down
13 changes: 8 additions & 5 deletions charts/managed-identity-wallets/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# managed-identity-wallets

![Version: 0.7.1](https://img.shields.io/badge/Version-0.7.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.3.1](https://img.shields.io/badge/AppVersion-3.3.1-informational?style=flat-square)
![Version: 0.7.2](https://img.shields.io/badge/Version-0.7.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 3.3.2](https://img.shields.io/badge/AppVersion-3.3.2-informational?style=flat-square)

Managed Identity Wallets Service

Expand Down Expand Up @@ -29,7 +29,9 @@ Managed Identity Wallets Service
| allowEmptyPassword | string | `"\"yes\""` | |
| db.jdbcDriver | string | `"org.postgresql.Driver"` | Database driver to use |
| namespace | string | `"managed-identity-wallets"` | |
| logging.exposed | string | `"INFO"` | |
| logging | object | `{"exposed":"INFO","jetty":"INFO","ktorRoot":"INFO","netty":"INFO","servicesCalls":"INFO"}` | The logging configurations |
| logging.servicesCalls | string | `"INFO"` | Options: ALL, HEADERS, BODY, INFO, NONE |
| httpClientTimeout | object | `{"bpdServiceConnect":"25000","bpdServiceRequest":"25000","bpdServiceSocket":"25000","revocationServiceConnect":"25000","revocationServiceRequest":"25000","revocationServiceSocket":"25000","walletServiceConnect":"25000","walletServiceRequest":"25000","walletServiceSocket":"25000","webhookServiceConnect":"25000","webhookServiceRequest":"25000","webhookServiceSocket":"25000"}` | The timeout (milliseconds) configuration of http client in each service. |
| openapi.title | string | `"Managed Identity Wallets API"` | |
| openapi.description | string | `"Managed Identity Wallets API"` | |
| openapi.termsOfServiceUrl | string | `"https://www.eclipse.org/legal/termsofuse.php"` | |
Expand All @@ -55,7 +57,7 @@ Managed Identity Wallets Service
| revocationService.clientIssuanceApiUrl | string | `"http://localhost:8080"` | The url at which the MIW is reachable |
| acapy.imageName | string | `"bcgovimages/aries-cloudagent"` | |
| acapy.tag | string | `"py36-1.16-1_0.7.5"` | |
| acapy.endorser.ledgerUrl | string | `"https://idu.cloudcompass.ca"` | The url of the used Indy ledger |
| acapy.endorser.ledgerUrl | string | `"https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/genesis"` | The url of the used Indy ledger |
| acapy.endorser.label | string | `"BaseWalletIssuer"` | The label of the instance |
| acapy.endorser.logLevel | string | `"INFO"` | |
| acapy.endorser.networkIdentifier | string | `"idunion:test"` | The network identifier of the used Indy ledger |
Expand All @@ -72,7 +74,7 @@ Managed Identity Wallets Service
| acapy.endorser.secret.dbpassword | string | `"postgres"` | |
| acapy.endorser.secret.jwtsecret | string | `"0"` | |
| acapy.endorser.secret.walletkey | string | `"0"` | |
| acapy.mt.ledgerUrl | string | `"https://idu.cloudcompass.ca"` | The url of the used Indy ledger |
| acapy.mt.ledgerUrl | string | `"https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/genesis"` | The url of the used Indy ledger |
| acapy.mt.label | string | `"ManagedWallet"` | The label of the instance |
| acapy.mt.logLevel | string | `"INFO"` | |
| acapy.mt.networkIdentifier | string | `"idunion:test"` | The network identifier of the used Indy ledger |
Expand Down Expand Up @@ -104,7 +106,7 @@ Managed Identity Wallets Service
| postgresql.primary.extraVolumes[0].name | string | `"initdb"` | |
| postgresql.primary.extraVolumes[0].emptyDir | object | `{}` | |
| postgresql.primary.initContainers[0].name | string | `"initdb"` | |
| postgresql.primary.initContainers[0].image | string | `"ghcr.io/catenax-ng/tx-managed-identity-wallets_initdb:3.3.1"` | The image is built and used to initialize the database of MIW. The tag must equal the appVersion in Chart.yaml |
| postgresql.primary.initContainers[0].image | string | `"ghcr.io/catenax-ng/tx-managed-identity-wallets_initdb:3.3.2"` | The image is built and used to initialize the database of MIW. The tag must equal the appVersion in Chart.yaml |
| postgresql.primary.initContainers[0].imagePullPolicy | string | `"Always"` | |
| postgresql.primary.initContainers[0].command[0] | string | `"sh"` | |
| postgresql.primary.initContainers[0].args[0] | string | `"-c"` | |
Expand All @@ -126,6 +128,7 @@ Managed Identity Wallets Service
| managedIdentityWallets.secret.bpdmauthclientsecret | string | `"client"` | client secret for accessing the BPDM data pool endpoint |
| certificate.host | string | `"localhost"` | |
| isLocal | bool | `false` | Deployment on Kubernetes on local device |
| resources | object | `{"endorserAcapy":{"limits":{"cpu":"250m","memory":"256Mi"},"requests":{"cpu":"100m","memory":"128Mi"}},"managedIdentityWallets":{"limits":{"cpu":"250m","memory":"256Mi"},"requests":{"cpu":"100m","memory":"128Mi"}},"mtAcapy":{"limits":{"cpu":"250m","memory":"256Mi"},"requests":{"cpu":"100m","memory":"128Mi"}},"revocationService":{"limits":{"cpu":"250m","memory":"256Mi"},"requests":{"cpu":"100m","memory":"128Mi"}}}` | used resources for each componenet |

----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
70 changes: 52 additions & 18 deletions charts/managed-identity-wallets/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -130,13 +130,47 @@ spec:
value: {{ .Values.revocation.revocationServiceUrl }}
- name: REVOCATION_CREATE_STATUS_LIST_CREDENTIAL_AT_HOUR
value: {{ .Values.revocation.refreshHour | quote }}
- name: LOG_LEVEL_KTOR_ROOT
value: {{ .Values.logging.ktorRoot }}
- name: LOG_LEVEL_EXPOSED
value: {{ .Values.logging.exposed }}
- name: LOG_LEVEL_ECLIPSE_JETTY
value: {{ .Values.logging.jetty }}
- name: LOG_LEVEL_NETTY
value: {{ .Values.logging.netty }}
- name: LOG_LEVEL_SERVICES_CALLS
value: {{ .Values.logging.servicesCalls }}
- name: WALLET_SERVICE_REQUEST_TIMEOUT
value: {{ .Values.httpClientTimeout.walletServiceRequest | quote }}
- name: WALLET_SERVICE_CONNECT_TIMEOUT
value: {{ .Values.httpClientTimeout.walletServiceConnect | quote }}
- name: WALLET_SERVICE_SOCKET_TIMEOUT
value: {{ .Values.httpClientTimeout.walletServiceSocket | quote }}
- name: BPD_SERVICE_REQUEST_TIMEOUT
value: {{ .Values.httpClientTimeout.bpdServiceRequest | quote }}
- name: BPD_SERVICE_CONNECT_TIMEOUT
value: {{ .Values.httpClientTimeout.bpdServiceConnect | quote }}
- name: BPD_SERVICE_SOCKET_TIMEOUT
value: {{ .Values.httpClientTimeout.bpdServiceSocket | quote }}
- name: REVOCATION_SERVICE_REQUEST_TIMEOUT
value: {{ .Values.httpClientTimeout.revocationServiceRequest | quote }}
- name: REVOCATION_SERVICE_CONNECT_TIMEOUT
value: {{ .Values.httpClientTimeout.revocationServiceConnect | quote }}
- name: REVOCATION_SERVICE_SOCKET_TIMEOUT
value: {{ .Values.httpClientTimeout.revocationServiceSocket | quote }}
- name: WEBHOOK_SERVICE_REQUEST_TIMEOUT
value: {{ .Values.httpClientTimeout.webhookServiceRequest | quote }}
- name: WEBHOOK_SERVICE_CONNECT_TIMEOUT
value: {{ .Values.httpClientTimeout.webhookServiceConnect | quote }}
- name: WEBHOOK_SERVICE_SOCKET_TIMEOUT
value: {{ .Values.httpClientTimeout.webhookServiceSocket | quote }}
resources:
requests:
cpu: 100m
memory: 128Mi
cpu: {{ .Values.resources.managedIdentityWallets.requests.cpu }}
memory: {{ .Values.resources.managedIdentityWallets.requests.memory }}
limits:
cpu: 250m
memory: 256Mi
cpu: {{ .Values.resources.managedIdentityWallets.limits.cpu }}
memory: {{ .Values.resources.managedIdentityWallets.limits.memory }}
ports:
- containerPort: 8080
- name: revocation-service
Expand All @@ -160,11 +194,11 @@ spec:
value: {{ .Values.revocationService.clientIssuanceApiUrl }}
resources:
requests:
cpu: 100m
memory: 128Mi
cpu: {{ .Values.resources.revocationService.requests.cpu }}
memory: {{ .Values.resources.revocationService.requests.memory }}
limits:
cpu: 250m
memory: 256Mi
cpu: {{ .Values.resources.revocationService.limits.cpu }}
memory: {{ .Values.resources.revocationService.limits.memory }}
ports:
- containerPort: 8086
- name: endorser-acapy
Expand Down Expand Up @@ -230,11 +264,11 @@ spec:
key: acapy-endorser-db-admin-password
resources:
requests:
cpu: 100m
memory: 128Mi
cpu: {{ .Values.resources.endorserAcapy.requests.cpu }}
memory: {{ .Values.resources.endorserAcapy.requests.memory }}
limits:
cpu: 250m
memory: 256Mi
cpu: {{ .Values.resources.endorserAcapy.limits.cpu }}
memory: {{ .Values.resources.endorserAcapy.limits.memory }}
ports:
- containerPort: 8000
command: ["/bin/bash"]
Expand All @@ -251,7 +285,7 @@ spec:
--wallet-storage-config '{\"url\":\"$(DB_HOST):5432\",\"max_connections\":5}'
--wallet-storage-creds '{\"account\":\"$(DB_ACCOUNT)\",\"password\":\"$(DB_PASSWORD)\",\"admin_account\":\"$(DB_ADMIN_USER)\",\"admin_password\":\"$(DB_ADMIN_PASSWORD)\"}'
--seed $(AGENT_WALLET_SEED) \
--genesis-url $(LEDGER_URL)/genesis \
--genesis-url $(LEDGER_URL) \
--label $(LABEL) \
--admin-api-key $(ACAPY_ADMIN_API_KEY) \
--auto-ping-connection \
Expand Down Expand Up @@ -328,11 +362,11 @@ spec:
value: {{ .Values.acapy.mt.webhookUrl }}
resources:
requests:
cpu: 100m
memory: 128Mi
cpu: {{ .Values.resources.mtAcapy.requests.cpu }}
memory: {{ .Values.resources.mtAcapy.requests.memory }}
limits:
cpu: 250m
memory: 256Mi
cpu: {{ .Values.resources.mtAcapy.limits.cpu }}
memory: {{ .Values.resources.mtAcapy.limits.memory }}
ports:
- containerPort: 8003
command: ["/bin/bash"]
Expand All @@ -349,7 +383,7 @@ spec:
--wallet-storage-config '{\"url\":\"$(DB_HOST):5432\",\"max_connections\":5}'
--wallet-storage-creds '{\"account\":\"$(DB_ACCOUNT)\",\"password\":\"$(DB_PASSWORD)\",\"admin_account\":\"$(DB_ADMIN_USER)\",\"admin_password\":\"$(DB_ADMIN_PASSWORD)\"}'
--seed $(AGENT_WALLET_SEED) \
--genesis-url $(LEDGER_URL)/genesis \
--genesis-url $(LEDGER_URL) \
--label $(LABEL) \
--admin-api-key $(ACAPY_ADMIN_API_KEY) \
--auto-ping-connection \
Expand Down
35 changes: 32 additions & 3 deletions charts/managed-identity-wallets/values-dev.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ wallet:
baseWalletShortDid: "MhLrwtKpZhNCzazMeofPQH"
baseWalletVerkey: "CHEC4PRQmP73A9UD7vQ6tnLAm9aoXLPhEtnGSMiAyVZj"
baseWalletName: "Catena-X-Dev"
membershipOrganisation: "Catena-X"
membershipOrganisation: "Catena-X"
datapool:
url: "https://partners-pool.dev.demo.catena-x.net"
authUrl: "https://centralidp.dev.demo.catena-x.net/auth/realms/CX-Central/protocol/openid-connect/token"
Expand All @@ -21,7 +21,7 @@ certificate:
acapy:
endorser:
logLevel: "DEBUG"
ledgerUrl: "http://dev.greenlight.bcovrin.vonx.io"
ledgerUrl: "http://dev.greenlight.bcovrin.vonx.io/genesis"
endpointUrl: "https://managed-identity-wallets.dev.demo.catena-x.net/didcomm-base"
secret:
apikey: <path:managed-identity-wallets/data/dev/managed-identity-wallets-acapy-secrets#acapy-endorser-admin-api-key>
Expand All @@ -34,7 +34,7 @@ acapy:
walletkey: <path:managed-identity-wallets/data/dev/managed-identity-wallets-acapy-secrets#acapy-endorser-wallet-key>
mt:
logLevel: "DEBUG"
ledgerUrl: "http://dev.greenlight.bcovrin.vonx.io"
ledgerUrl: "http://dev.greenlight.bcovrin.vonx.io/genesis"
endpointUrl: "https://managed-identity-wallets.dev.demo.catena-x.net/didcomm-managed-wallets"
endorserPublicDid: "MhLrwtKpZhNCzazMeofPQH"
secret:
Expand Down Expand Up @@ -63,3 +63,32 @@ acapypostgresql:
password: <path:managed-identity-wallets/data/dev/postgres-acapy-secret-config#password>
postgrespassword: <path:managed-identity-wallets/data/dev/postgres-acapy-secret-config#postgres-password>
user: <path:managed-identity-wallets/data/dev/postgres-acapy-secret-config#user>
resources:
managedIdentityWallets:
requests:
cpu: "200m"
memory: "512Mi"
limits:
cpu: "250m"
memory: "512Mi"
revocationService:
requests:
cpu: "200m"
memory: "512Mi"
limits:
cpu: "250m"
memory: "512Mi"
endorserAcapy:
requests:
cpu: "200m"
memory: "256Mi"
limits:
cpu: "250m"
memory: "512Mi"
mtAcapy:
requests:
cpu: "200m"
memory: "256Mi"
limits:
cpu: "250m"
memory: "512Mi"
32 changes: 32 additions & 0 deletions charts/managed-identity-wallets/values-int.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,9 @@ datapool:
revocationService:
baseUrlForCredentialList: "https://managed-identity-wallets.int.demo.catena-x.net/api/credentials/"
clientIssuanceApiUrl: "http://localhost:8080"
# -- The logging configurations
logging:
exposed: "OFF"
ingress:
enabled: true
certificate:
Expand Down Expand Up @@ -59,3 +62,32 @@ acapypostgresql:
password: <path:managed-identity-wallets/data/int/postgres-acapy-secret-config#password>
postgrespassword: <path:managed-identity-wallets/data/int/postgres-acapy-secret-config#postgres-password>
user: <path:managed-identity-wallets/data/int/postgres-acapy-secret-config#user>
resources:
managedIdentityWallets:
requests:
cpu: "200m"
memory: "512Mi"
limits:
cpu: "250m"
memory: "512Mi"
revocationService:
requests:
cpu: "200m"
memory: "512Mi"
limits:
cpu: "250m"
memory: "512Mi"
endorserAcapy:
requests:
cpu: "200m"
memory: "256Mi"
limits:
cpu: "250m"
memory: "512Mi"
mtAcapy:
requests:
cpu: "200m"
memory: "256Mi"
limits:
cpu: "250m"
memory: "512Mi"
56 changes: 53 additions & 3 deletions charts/managed-identity-wallets/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,28 @@ db:
# -- Database driver to use
jdbcDriver: "org.postgresql.Driver"
namespace: "managed-identity-wallets"
# -- The logging configurations
logging:
exposed: "INFO"
ktorRoot: "INFO"
jetty: "INFO"
netty: "INFO"
# -- Options: ALL, HEADERS, BODY, INFO, NONE
servicesCalls: "INFO"
# -- The timeout (milliseconds) configuration of http client in each service.
httpClientTimeout:
walletServiceRequest: "25000"
walletServiceConnect: "25000"
walletServiceSocket: "25000"
bpdServiceRequest: "25000"
bpdServiceConnect: "25000"
bpdServiceSocket: "25000"
revocationServiceRequest: "25000"
revocationServiceConnect: "25000"
revocationServiceSocket: "25000"
webhookServiceRequest: "25000"
webhookServiceConnect: "25000"
webhookServiceSocket: "25000"
# The OpenAPI configuration in MIW
openapi:
title: "Managed Identity Wallets API"
Expand Down Expand Up @@ -78,7 +98,7 @@ acapy:
# The configuration of the AcaPy endorser instance
endorser:
# -- The url of the used Indy ledger
ledgerUrl: "https://idu.cloudcompass.ca"
ledgerUrl: "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/genesis"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this URL make sense for the default config? Would it also be a possibility to package that in some kind of nginx docker image, that you can then deploy with your app if i.e. 'localLedger=true' is set?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you. We are not using a local ledger, we just copied the genesis file from the scanner of the idunion test ledger, because it has a temporary certificate problem. I changed the values for now and in the future, this will be changed and the genesis files would be probably given directly to AcaPy instances instead of loading them from external urls.

# -- The label of the instance
label: "BaseWalletIssuer"
logLevel: "INFO"
Expand Down Expand Up @@ -110,7 +130,7 @@ acapy:
# AcaPy multi-tenancy instance
mt:
# -- The url of the used Indy ledger
ledgerUrl: "https://idu.cloudcompass.ca"
ledgerUrl: "https://raw.githubusercontent.com/catenax-ng/product-core-schemas/main/genesis"
# -- The label of the instance
label: "ManagedWallet"
logLevel: "INFO"
Expand Down Expand Up @@ -169,7 +189,7 @@ postgresql:
initContainers:
- name: initdb
# -- The image is built and used to initialize the database of MIW. The tag must equal the appVersion in Chart.yaml
image: ghcr.io/catenax-ng/tx-managed-identity-wallets_initdb:3.3.1
image: ghcr.io/catenax-ng/tx-managed-identity-wallets_initdb:3.3.2
imagePullPolicy: Always
command:
- sh
Expand Down Expand Up @@ -211,3 +231,33 @@ certificate:
host: "localhost"
# -- Deployment on Kubernetes on local device
isLocal: false
# -- used resources for each componenet
resources:
managedIdentityWallets:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "250m"
memory: "256Mi"
revocationService:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "250m"
memory: "256Mi"
endorserAcapy:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "250m"
memory: "256Mi"
mtAcapy:
requests:
cpu: "100m"
memory: "128Mi"
limits:
cpu: "250m"
memory: "256Mi"
2 changes: 1 addition & 1 deletion gradle.properties
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,6 @@ acapy_java_library_version=0.7.33
kotlin.code.style=official
kompendium_version=2.3.5
exposed_version=0.38.2
version=3.4.0
version=3.3.2
coverage_excludes=**/models/**,**/entities/**,**/Application*,**/services/IWalletService*,**/services/IAcaPyService*,**/services/AcaPyService*,**/services/IBusinessPartnerDataService*,**/services/IRevocationService*,**/services/RevocationService*