fix: adds missing flag tlsOn on helm chart

Author: psanders

Dockerfile

@@ -28,13 +28,14 @@ FROM node:18-alpine as runner
 ARG PKCS_PASSWORD=changeme
 
 # TODO: Normalize GID and UID across all images
-ENV PKCS_PASSWORD=$PKCS_PASSWORD
-ENV PATH_TO_CERTS=/etc/routr/certs
-ENV USER=fonoster
-ENV GID=5000
-ENV UID=5000
-ENV JAVA_HOME=/service/jre
-ENV EDGEPORT_RUNNER=/service/edgeport.sh
+ENV PKCS_PASSWORD=$PKCS_PASSWORD \
+  PATH_TO_CERTS=/etc/routr/certs \
+  USER=fonoster \
+  GID=5000 \
+  UID=5000 \
+  JAVA_HOME=/service/jre \
+  EDGEPORT_RUNNER=/service/edgeport.sh \
+  TLS_ON=true
 
 WORKDIR /service
 

ops/charts/connect/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: routr-connect
 description: Routr Connect Helm Chart
 type: application
-version: 0.1.6
-appVersion: 2.1.3
+version: 0.1.7
+appVersion: 2.1.5
 dependencies:
   - name: postgresql
     version: 12.1.15

ops/charts/connect/README.md

@@ -169,28 +169,29 @@ The [CHANGELOG](https://github.com/fonoster/routr/tree/gh-pages/charts/CHANGELOG
 
 | Parameter                                              | Description                                                 | Value                               |
 | ------------------------------------------------------ | ----------------------------------------------------------- | ----------------------------------- |
-| `apiserver.image.repository`                           | Image repository                                            | ` fonoster/routr-pgdata`            |
-| `apiserver.image.tag`                                  | Image tag                                                   | ` 2.0.8-alpha.35`                   |
-| `apiserver.image.pullPolicy`                           | Image pull policy                                           | ` IfNotPresent`                     |
-| `apiserver.migrationsEnabled`                          | Enables database migrations                                 | ` true`                             |
-| `apiserver.migrationsImage.repository`                 | Image repository                                            | ` fonoster/routr-pgdata-migrations` |
-| `apiserver.migrationsImage.tag`                        | Image tag                                                   | ` 2.0.8-alpha.35`                   |
-| `apiserver.migrationsImage.pullPolicy`                 | Image pull policy                                           | ` IfNotPresent`                     |
-| `apiserver.podAnnotations`                             | Pod annotations                                             | ` {}`                               |
-| `apiserver.serviceAnnotations`                         | Service annotations                                         | ` {}`                               |
-| `apiserver.resources`                                  | Resource quotas                                             | ` {}`                               |
-| `apiserver.autoscaling.miniReplicas`                   | Minimum number of replicas                                  | ` 1`                                |
-| `apiserver.autoscaling.maxReplicas`                    | Maximum number of replicas                                  | ` 10`                               |
-| `apiserver.autoscaling.targetCPUUtilizationPercentage` | Target CPU utilization percentage                           | ` 50`                               |
-| `apiserver.securityContext.runAsUser`                  | Running as a non-root user                                  | ` 1000`                             |
-| `apiserver.securityContext.runAsGroup`                 | Running as non-root group                                   | ` 3000`                             |
-| `apiserver.securityContext.fsGroup`                    | File system group                                           | ` 2000`                             |
-| `apiserver.securityContext.allowPrivilegeEscalation`   | By default, no privilege escalation is allowed              | ` false`                            |
-| `apiserver.livenessProbe.initialDelaySeconds`          | Initial delay in seconds before starting the liveness probe | ` 5`                                |
-| `apiserver.livenessProbe.periodSeconds`                | Period between liveness probes                              | ` 5`                                |
-| `apiserver.livenessProbe.successThreshold`             | Number of successes required to be considered healthy       | ` 1`                                |
-| `apiserver.livenessProbe.failureThreshold`             | Number of failures required to be considered unhealthy      | ` 2`                                |
-| `apiserver.livenessProbe.timeoutSeconds`               | Timeout in seconds for liveness probe                       | ` 1`                                |
+| `apiserver.image.repository`                           | Image repository                                            | `fonoster/routr-pgdata`            |
+| `apiserver.image.tag`                                  | Image tag                                                   | `2.0.8-alpha.35`                   |
+| `apiserver.image.pullPolicy`                           | Image pull policy                                           | `IfNotPresent`                     |
+| `apiserver.migrationsEnabled`                          | Enables database migrations                                 | `true`                             |
+| `apiserver.migrationsImage.repository`                 | Image repository                                            | `fonoster/routr-pgdata-migrations` |
+| `apiserver.migrationsImage.tag`                        | Image tag                                                   | `2.0.8-alpha.35`                   |
+| `apiserver.migrationsImage.pullPolicy`                 | Image pull policy                                           | `IfNotPresent`                     |
+| `apiserver.tlsOn`                                      | Enables TLS for the APIServer                               | `true`                             |
+| `apiserver.podAnnotations`                             | Pod annotations                                             | `{}`                               |
+| `apiserver.serviceAnnotations`                         | Service annotations                                         | `{}`                               |
+| `apiserver.resources`                                  | Resource quotas                                             | `{}`                               |
+| `apiserver.autoscaling.miniReplicas`                   | Minimum number of replicas                                  | `1`                                |
+| `apiserver.autoscaling.maxReplicas`                    | Maximum number of replicas                                  | `10`                               |
+| `apiserver.autoscaling.targetCPUUtilizationPercentage` | Target CPU utilization percentage                           | `50`                               |
+| `apiserver.securityContext.runAsUser`                  | Running as a non-root user                                  | `1000`                             |
+| `apiserver.securityContext.runAsGroup`                 | Running as non-root group                                   | `3000`                             |
+| `apiserver.securityContext.fsGroup`                    | File system group                                           | `2000`                             |
+| `apiserver.securityContext.allowPrivilegeEscalation`   | By default, no privilege escalation is allowed              | `false`                            |
+| `apiserver.livenessProbe.initialDelaySeconds`          | Initial delay in seconds before starting the liveness probe | `5`                                |
+| `apiserver.livenessProbe.periodSeconds`                | Period between liveness probes                              | `5`                                |
+| `apiserver.livenessProbe.successThreshold`             | Number of successes required to be considered healthy       | `1`                                |
+| `apiserver.livenessProbe.failureThreshold`             | Number of failures required to be considered unhealthy      | `2`                                |
+| `apiserver.livenessProbe.timeoutSeconds`               | Timeout in seconds for liveness probe                       | `1`                                |
 
 ### Connect Processor parameters
 

ops/charts/connect/templates/apiserver/deployment.yaml

@@ -56,6 +56,8 @@ spec:
               value: {{ .Values.global.logsLevel }}
             - name: OTEL_EXPORTER_JAEGER_ENDPOINT
               value: {{ .Values.global.otlExporter }}
+            - name: TLS_ON
+              value: "{{ .Values.apiserver.tlsOn }}"
           ports:
             - containerPort: 51907
             # External port for the API server

ops/charts/connect/values.yaml

@@ -227,6 +227,8 @@ apiserver:
   # Uncomment the next line if you would like to point to an external postgresql db
   # databaseUrl: postgresql://routr:changeme@dbserver:5432/routr?schema=public
 
+  # Set to false if you want to disable TLS for the APIServer (Not recommended)
+  tlsOn: true
   # APIServer image configuration
   image:
     # APIServer image repository