feat: P4ADEV-1880 migrate auth to argoCD (#11)

* P4PADEV-1880 fix helm dev p4pa-auth * P4PADEV-1880 add uat and prod helm p4pa-auth * P4PADEV-1880 add uat and prod helm p4pa-auth * P4PADEV-1880 add uat and prod helm p4pa-auth
pagopa · Jan 17, 2025 · 8d7c0e5 · 8d7c0e5
1 parent f0748c9
commit 8d7c0e5
Show file tree

Hide file tree

Showing 10 changed files with 132 additions and 324 deletions.
diff --git a/helm/_global/p4pa-auth.yaml b/helm/_global/p4pa-auth.yaml
@@ -1,14 +1,52 @@
 microservice-chart:
   namespace: "payhub"
+  nameOverride: ""
+  fullnameOverride: ""
+
+  livenessProbe:
+    httpGet:
+      path: /actuator/health/liveness
+      port: 8080
+    initialDelaySeconds: 120
+    failureThreshold: 15
+    periodSeconds: 10
+
+  readinessProbe:
+    httpGet:
+      path: /actuator/health/readiness
+      port: 8080
+    initialDelaySeconds: 120
+    failureThreshold: 15
+    periodSeconds: 10
 
   deployment:
     create: true
 
   service:
     create: true
     type: ClusterIP
-    ports:
-      - 8080
+    port: 8080
+
+  ingress:
+    create: true
+    path: /p4paauth/(.*)
+
+  serviceAccount:
+    create: false
+    annotations: {}
+    name: ""
+
+  podAnnotations: {}
+
+  podSecurityContext:
+    seccompProfile:
+      type: RuntimeDefault
+
+  securityContext:
+    allowPrivilegeEscalation: false
+    runAsNonRoot: true
+    runAsUser: 65534
+    runAsGroup: 65534
 
   externalConfigMapFiles:
     create: true
@@ -17,47 +55,45 @@ microservice-chart:
         key: applicationinsights.json
 
   envConfig:
-    ENV: "DEV"
+    APPLICATIONINSIGHTS_ROLE_NAME: "p4paauth"
+    APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL: "OFF"
+    APPLICATIONINSIGHTS_INSTRUMENTATION_MICROMETER_ENABLED: "false"
+    APPLICATIONINSIGHTS_PREVIEW_PROFILER_ENABLED: "false"
+
+    ENABLE_AUDIT_APPENDER: "TRUE"
+
+    REDIS_PORT: "6380"
+    REDIS_SSL_ENABLED: "true"
+
+    JWT_TOKEN_EXPIRATION_SECONDS: "14400" # 4 HOURS
+    ACCESS_ORGANIZATION_MODE_ENABLED: "true"
+
     ORGANIZATION_BASE_URL: "http://p4pa-organization-microservice-chart:8080"
 
   envSecret:
     APPLICATIONINSIGHTS_CONNECTION_STRING: appinsights-connection-string
 
-  keyvault:
-    name: "p4pa-d-payhub-kv"
-    tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d"
+    JWT_TOKEN_PRIVATE_KEY: jwt-private-key
+    JWT_TOKEN_PUBLIC_KEY: jwt-public-key
 
-  # nodeSelector: {}
+    REDIS_HOST: cache-standalone-host
+    REDIS_PASSWORD: cache-password
+    MONGODB_URI: mongodb-connection-string
 
-  # tolerations: []
+    MYPAY_DB_HOST: db-host
+    MYPAY_DB_USER: db-mypay-login-username
+    MYPAY_DB_PASSWORD: db-mypay-login-password
 
-#    affinity:
-#      nodeAffinity:
-#        requiredDuringSchedulingIgnoredDuringExecution:
-#          nodeSelectorTerms:
-#          - matchExpressions:
-#            - key: kubernetes.azure.com/mode
-#              operator: In
-#              values:
-#              - user
-#      podAntiAffinity:
-#        preferredDuringSchedulingIgnoredDuringExecution:
-#        - weight: 100
-#          podAffinityTerm:
-#            labelSelector:
-#              matchLabels:
-#                aadpodidbinding: payhub-pod-identity
-#            namespaces: ["payhub"]
-#            topologyKey: topology.kubernetes.io/ztwo
+    MYPIVOT_DB_HOST: db-host
+    MYPIVOT_DB_USER: db-mypay-login-username
+    MYPIVOT_DB_PASSWORD: db-mypay-login-password
 
-  podAnnotations: {}
+    DATA_CIPHER_P4PA_AUTH_HASH_KEY: p4pa-auth-hash-key
+    DATA_CIPHER_P4PA_AUTH_ENCRYPT_PSW: p4pa-auth-encrypt-psw
 
-  podSecurityContext:
-    seccompProfile:
-      type: RuntimeDefault
+    PIATTAFORMA_UNITARIA_CLIENT_SECRET: piattaforma-unitaria-client-secret
+  # nodeSelector: {}
 
-  securityContext:
-    allowPrivilegeEscalation: false
-    runAsNonRoot: true
-    runAsUser: 65534
-    runAsGroup: 65534
+  # tolerations: []
+
+  # affinity: {}
diff --git a/helm/dev/top/p4pa-auth/values.yaml b/helm/dev/top/p4pa-auth/values.yaml
@@ -1,35 +1,10 @@
 microservice-chart:
-  namespace: "payhub"
-  nameOverride: ""
-  fullnameOverride: ""
-
   image:
     repository: ghcr.io/pagopa/p4pa-auth
     tag: develop-latest
     pullPolicy: Always
 
-  livenessProbe:
-    httpGet:
-      path: /actuator/health/liveness
-      port: 8080
-    initialDelaySeconds: 120
-    failureThreshold: 15
-    periodSeconds: 10
-
-  readinessProbe:
-    httpGet:
-      path: /actuator/health/readiness
-      port: 8080
-    initialDelaySeconds: 120
-    failureThreshold: 15
-    periodSeconds: 10
-
-  deployment:
-    create: true
-
   ingress:
-    create: true
-    path: /p4paauth/(.*)
     host: "hub.internal.dev.p4pa.pagopa.it"
 
   resources:
@@ -50,50 +25,20 @@ microservice-chart:
         key: applicationinsights.json
 
   envConfig:
+    ENV: "DEV"
     JAVA_TOOL_OPTIONS: "-Xms896m -Xmx896m -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false"
 
     JWT_TOKEN_AUDIENCE: "dev.piattaformaunitaria.pagopa.it"
     JWT_EXTERNAL_TOKEN_ISS: "https://dev.selfcare.pagopa.it"
     JWT_EXTERNAL_TOKEN_BASE_URL: "https://dev.selfcare.pagopa.it"
-
-    APPLICATIONINSIGHTS_ROLE_NAME: "p4paauth"
-    APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL: "OFF"
-    APPLICATIONINSIGHTS_INSTRUMENTATION_MICROMETER_ENABLED: "false"
-    APPLICATIONINSIGHTS_PREVIEW_PROFILER_ENABLED: "false"
-
-    ENABLE_AUDIT_APPENDER: "TRUE"
-
-    REDIS_PORT: "6380"
-    REDIS_SSL_ENABLED: "true"
-
-    JWT_TOKEN_EXPIRATION_SECONDS: "14400" # 4 HOURS
-    ACCESS_ORGANIZATION_MODE_ENABLED: "true"
-
-  envSecret:
-    JWT_TOKEN_PRIVATE_KEY: jwt-private-key
-    JWT_TOKEN_PUBLIC_KEY: jwt-public-key
-
-    REDIS_HOST: cache-standalone-host
-    REDIS_PASSWORD: cache-password
-    MONGODB_URI: mongodb-connection-string
-
-    MYPAY_DB_HOST: db-host
-    MYPAY_DB_USER: db-mypay-login-username
-    MYPAY_DB_PASSWORD: db-mypay-login-password
-
-    MYPIVOT_DB_HOST: db-host
-    MYPIVOT_DB_USER: db-mypay-login-username
-    MYPIVOT_DB_PASSWORD: db-mypay-login-password
-
-    DATA_CIPHER_P4PA_AUTH_HASH_KEY: p4pa-auth-hash-key
-    DATA_CIPHER_P4PA_AUTH_ENCRYPT_PSW: p4pa-auth-encrypt-psw
-
-    PIATTAFORMA_UNITARIA_CLIENT_SECRET: piattaforma-unitaria-client-secret
   # nodeSelector: {}
 
   # tolerations: []
 
   # affinity: {}
+  keyvault:
+    name: "p4pa-d-payhub-kv"
+    tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d"
 
 postman-test:
   run: true

diff --git a/helm/prod/top/p4pa-auth/Chart.yaml b/helm/prod/top/p4pa-auth/Chart.yaml
@@ -6,5 +6,5 @@ version: 1.0.0
 appVersion: 1.0.0
 dependencies:
   - name: microservice-chart
-    version: 5.9.0
+    version: 7.3.1
     repository: "https://pagopa.github.io/aks-microservice-chart-blueprint"
diff --git a/helm/prod/top/p4pa-auth/deploy.sh b/helm/prod/top/p4pa-auth/deploy.sh
@@ -1,3 +1,3 @@
 #!/bin/bash
 
-../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks p4pa-auth
+../../../scripts/deploy.sh values.yaml payhub p4pa-u-itn-uat-aks p4pa-auth
diff --git a/helm/prod/top/p4pa-auth/values-prod.yaml b/helm/prod/top/p4pa-auth/values-prod.yaml