From d65799bc56be22f129522c2e7119fcc7d712249e Mon Sep 17 00:00:00 2001
From: Swordsteel <swordsteel@gmail.com>
Date: Mon, 28 Jul 2025 10:25:17 +0200
Subject: [PATCH] helm hlaeja registry api

- update actuator.http
- update helmfile.yaml
- add 03-service.yaml
- add 02-deployment.yaml
- add 01-configmap.yaml
- update 01 secret values.yaml with keystore
- add values.yaml
- add Chart.yaml
---
 helm/charts/01-secrets/values.yaml            |  5 ++
 helm/charts/08-registry-api/Chart.yaml        |  4 ++
 .../templates/01-configmap.yaml               | 25 ++++++++
 .../templates/02-deployment.yaml              | 57 +++++++++++++++++++
 .../08-registry-api/templates/03-service.yaml | 19 +++++++
 helm/charts/08-registry-api/values.yaml       | 18 ++++++
 helm/helmfile.yaml                            |  6 ++
 http/registry-api/actuator.http               |  6 +-
 8 files changed, 137 insertions(+), 3 deletions(-)
 create mode 100644 helm/charts/08-registry-api/Chart.yaml
 create mode 100644 helm/charts/08-registry-api/templates/01-configmap.yaml
 create mode 100644 helm/charts/08-registry-api/templates/02-deployment.yaml
 create mode 100644 helm/charts/08-registry-api/templates/03-service.yaml
 create mode 100644 helm/charts/08-registry-api/values.yaml

diff --git a/helm/charts/01-secrets/values.yaml b/helm/charts/01-secrets/values.yaml
index e0b958a..b6a961f 100644
--- a/helm/charts/01-secrets/values.yaml
+++ b/helm/charts/01-secrets/values.yaml
@@ -38,4 +38,9 @@ secrets:
 #      tier: frontend
 #      keystorePassword: ServiceKeystorePassword
 #      keystoreFile: ServiceKeystoreFileBase64==
+#    - name: registry-api-keystore
+#      app: registry-api
+#      tier: frontend
+#      keystorePassword: ServiceKeystorePassword
+#      keystoreFile: ServiceKeystoreFileBase64==
 
diff --git a/helm/charts/08-registry-api/Chart.yaml b/helm/charts/08-registry-api/Chart.yaml
new file mode 100644
index 0000000..cd3b111
--- /dev/null
+++ b/helm/charts/08-registry-api/Chart.yaml
@@ -0,0 +1,4 @@
+apiVersion: v2
+name: hlaeja-registry-api
+description: A Helm chart for the hlaeja registry api
+version: 0.1.0
diff --git a/helm/charts/08-registry-api/templates/01-configmap.yaml b/helm/charts/08-registry-api/templates/01-configmap.yaml
new file mode 100644
index 0000000..54db73a
--- /dev/null
+++ b/helm/charts/08-registry-api/templates/01-configmap.yaml
@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: registry-api-environment
+  labels:
+    app: registry-api
+    environment: {{ .Values.environment }}
+    tier: frontend
+data:
+  SPRING_PROFILES_ACTIVE: {{ .Values.config.profiles | quote }}
+  ACCOUNT_REGISTRY_URL: {{ .Values.config.accountRegistryUrl | quote }}
+  DEVICE_REGISTRY_URL: {{ .Values.config.deviceRegistryUrl | quote }}
+
+  # all of this should be preset in application.yaml
+  SERVER_PORT: "8443"
+  SERVER_SSL_ENABLED: "true"
+  SERVER_SSL_KEY_STORE: "/app/resources/cert/keystore.p12"
+  SERVER_SSL_KEY_STORE_TYPE: "PKCS12"
+
+  # This was experimental and should be removed in later versions
+  MANAGEMENT_METRICS_TAGS_APPLICATION: "register-api"
+  MANAGEMENT_INFLUX_METRICS_EXPORT_ENABLED: "false"
+  MANAGEMENT_INFLUX_METRICS_EXPORT_URL: "http://influxdb"
+  # adding this here as it's going to be deleted and is not sued internally
+  MANAGEMENT_INFLUX_METRICS_EXPORT_TOKEN: "invalidInfluxDbToken=="
diff --git a/helm/charts/08-registry-api/templates/02-deployment.yaml b/helm/charts/08-registry-api/templates/02-deployment.yaml
new file mode 100644
index 0000000..9f96564
--- /dev/null
+++ b/helm/charts/08-registry-api/templates/02-deployment.yaml
@@ -0,0 +1,57 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: registry-api
+  labels:
+    app: registry-api
+    environment: {{ .Values.environment }}
+    tier: frontend
+spec:
+  replicas: {{ .Values.replicas }}
+  selector:
+    matchLabels:
+      app: registry-api
+  template:
+    metadata:
+      labels:
+        app: registry-api
+    spec:
+      imagePullSecrets:
+        - name: {{ .Values.docker.registry }}
+      containers:
+        - name: registry-api-app
+          image: {{ .Values.docker.image }}
+          imagePullPolicy: IfNotPresent
+          envFrom:
+            - configMapRef:
+                name: registry-api-environment
+          env:
+            - name: SERVER_SSL_KEY_STORE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.keystoreRef }}
+                  key: keystore-password
+          ports:
+            - containerPort: 8443
+          volumeMounts:
+            - name: keystore-volume
+              mountPath: /app/resources/cert/keystore.p12
+              subPath: keystore.p12
+              readOnly: true
+            - name: jwt-volume
+              mountPath: /app/resources/cert/{{ .Values.jwtPublicKey.filename }}
+              subPath: {{ .Values.jwtPublicKey.filename }}
+              readOnly: true
+      volumes:
+        - name: keystore-volume
+          secret:
+            secretName: {{ .Values.keystoreRef }}
+            items:
+              - key: keystore.p12
+                path: keystore.p12
+        - name: jwt-volume
+          secret:
+            secretName: {{ .Values.jwtPublicKey.name }}
+            items:
+              - key: {{ .Values.jwtPublicKey.filename }}
+                path: {{ .Values.jwtPublicKey.filename }}
diff --git a/helm/charts/08-registry-api/templates/03-service.yaml b/helm/charts/08-registry-api/templates/03-service.yaml
new file mode 100644
index 0000000..5c7601e
--- /dev/null
+++ b/helm/charts/08-registry-api/templates/03-service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: registry-api
+  labels:
+    app: registry-api
+    environment: {{ .Values.environment }}
+    tier: frontend
+spec:
+  {{- if and .Values.loadBalancerIP (ne .Values.loadBalancerIP "") }}
+  type: LoadBalancer
+  loadBalancerIP: {{ .Values.loadBalancerIP }}
+  {{- end }}
+  selector:
+    app: registry-api
+  ports:
+    - protocol: TCP
+      port: 443
+      targetPort: 8443
diff --git a/helm/charts/08-registry-api/values.yaml b/helm/charts/08-registry-api/values.yaml
new file mode 100644
index 0000000..582ceed
--- /dev/null
+++ b/helm/charts/08-registry-api/values.yaml
@@ -0,0 +1,18 @@
+environment: testing
+replicas: 1
+#loadBalancerIP: 10.0.3.13
+
+docker:
+  registry: dockerRegistry
+  image: lulz.ltd/hlaeja/hlaeja-registry-api:0.1.0
+
+config:
+  profiles: testing
+  accountRegistryUrl: http://account-register
+  deviceRegistryUrl: http://device-register
+
+jwtPublicKey:
+  name: account-jwt-public-key
+  filename: public_key.pem
+
+keystoreRef: registry-api-keystore
diff --git a/helm/helmfile.yaml b/helm/helmfile.yaml
index 480de34..42a7f88 100644
--- a/helm/helmfile.yaml
+++ b/helm/helmfile.yaml
@@ -40,3 +40,9 @@ releases:
     chart: ./charts/07-device-api
     values: []
     historyMax: 3
+
+  - name: registry-api
+    namespace: hlaeja-testing
+    chart: ./charts/08-registry-api
+    values: []
+    historyMax: 3
diff --git a/http/registry-api/actuator.http b/http/registry-api/actuator.http
index 8612a02..de4867d 100644
--- a/http/registry-api/actuator.http
+++ b/http/registry-api/actuator.http
@@ -1,5 +1,5 @@
 ### get actuator
-GET {{hostname}}/actuator`
-Authorization: Bearer {{token}}
-Content-Type: application/json`
+GET {{hostname}}/actuator
 
+### get actuator health
+GET {{hostname}}/actuator/health