search

pingidentity / helm-charts

Apache License 2.0
21 stars 31 forks source link

Update the pingtoolkit image in PF #286

Open Poornachand200 opened 2 months ago

Poornachand200 commented 2 months ago

The image url of pingidentity/pingtoolkit:2303 of init container has to be updated with private image registry url. I couldn't find the placeholder of the place holder of the toolkit image. Please let me know.

 global:
  annotations:
    application_service: "CIAM - test 2"
    spoc: "Marta Miszczyk - mmis@nuuday.dk"
  workload:
    annotations:
      application_service: "CIAM - test 2"
      spoc: "Marta Miszczyk - mmis@nuuday.dk"
  ingress:
    addReleaseNameToHost: none
    defaultDomain: test2.ciam.non-prod.managed-eks.aws.nuuday.nu
  container:
    terminationGracePeriodSeconds: 60
    lifecycle:
      preStop:
        exec:
          command: ["sh", "-c", "sleep 15"]
    probes:
      livenessProbe:
        exec:
          command:
            - /opt/liveness.sh
        failureThreshold: 4
        initialDelaySeconds: 30
        periodSeconds: 30
        successThreshold: 1
        timeoutSeconds: 5
      readinessProbe:
        exec:
          command:
            - /opt/readiness.sh
        failureThreshold: 4
        initialDelaySeconds: 30
        periodSeconds: 5
        successThreshold: 1
        timeoutSeconds: 5
      startupProbe:
        exec:
          command:
            - /opt/liveness.sh
        failureThreshold: 4
        initialDelaySeconds: 60
        periodSeconds: 20
        timeoutSeconds: 6
pingfederate-admin:
  image:
    repository: 435576480396.dkr.ecr.eu-north-1.amazonaws.com
    name: ciam-pf
    tag: latest
  enabled: true
  container:
    annotations:
      application_service: "CIAM - test"
      spoc: "Marta Miszczyk - mmis@nuuday.dk"
    resources:
      requests:
        cpu: 100m
        memory: 1400Mi
      limits:
        cpu: 3
        memory: 2000Mi
    envFrom:
      - secretRef:
          name: pingfederate-secrets
          optional: false
  envs:
    MAX_HEAP_SIZE: "768m"
    RANDOM: ${RANDOM_PLACEHOLDER}
    PF_CONSOLE_TITLE: test PingFederate
    PD_HOST: "directory-1-pingdirectory:389"
    PF_ADMIN_NODE: "federate.test2.ciam.non-prod.managed-eks.aws.nuuday.nu"
    PF_ENGINE_NODE: "federate-engine.test2.ciam.non-prod.managed-eks.aws.nuuday.nu"
    PF_ENGINE_NODE_2: "test2.ciam.nuuday.dk"
    MYSQL_CONNECTION: "jdbc:mysql://youseeid-qa-mysql-master.chniyawurvk8.eu-central-1.rds.amazonaws.com/tyspro"
  secretVolumes:
    ping-license-expr-2026-01-13:
      items:
        federate-license.lic: /opt/in/instance/server/default/conf/pingfederate.lic
    pingfederate-secrets:
      items:
        CIAM_PF_JWK: /opt/in/instance/server/default/data/pf.jwk
  ingress:
    enabled: true
    tls:
      - hosts:
          - federate._defaultDomain_
        secretName: pingfederate-2-ssl
    hosts:
      - host: federate._defaultDomain_
        paths:
          - path: /
            pathType: Prefix
            backend:
              serviceName: https
    annotations:
      nginx.ingress.kubernetes.io/backend-protocol: HTTPS
      cert-manager.io/issuer: letsencrypt
pingfederate-engine:
  image:
    repository: 435576480396.dkr.ecr.eu-north-1.amazonaws.com
    name: ciam-pf
    tag: latest
  enabled: true
  container:
    replicaCount: 3
    resources:
      requests:
        cpu: 100m
        memory: 1400Mi
      limits:
        cpu: 3
        memory: 2000Mi
    envFrom:
      - secretRef:
          name: pingfederate-secrets
          optional: false
  envs:
    PF_CONSOLE_TITLE: test PingFederate
    PD_HOST: "directory1-pingdirectory:389"
    PF_ADMIN_NODE: "federate.test2.ciam.non-prod.managed-eks.aws.nuuday.nu"
    PF_ENGINE_NODE: "federate-engine.test2.ciam.non-prod.managed-eks.aws.nuuday.nu"
    PF_ENGINE_NODE_2: "test2.ciam.nuuday.dk"
    MYSQL_CONNECTION: "jdbc:mysql://youseeid-qa-mysql-master.chniyawurvk8.eu-central-1.rds.amazonaws.com"
    MAX_HEAP_SIZE: "768m"
    RANDOM: ${RANDOM_PLACEHOLDER}
  secretVolumes:
    ping-license-expr-2026-01-13:
      items:
        federate-license.lic: /opt/in/instance/server/default/conf/pingfederate.lic
    pingfederate-secrets:
      items:
        CIAM_PF_JWK: /opt/in/instance/server/default/data/pf.jwk
  ingress:
    enabled: true
    tls:
      - hosts:
          - test2.ciam.nuuday.dk
          - federate-engine._defaultDomain_
        secretName: pingfederate-engine-2-ssl
    hosts:
      - host: test2.ciam.nuuday.dk
        paths:
          - path: /
            pathType: Prefix
            backend:
              serviceName: https
      - host: federate-engine._defaultDomain_
        paths:
          - path: /
            pathType: Prefix
            backend:
              serviceName: https
    annotations:
      nginx.ingress.kubernetes.io/backend-protocol: HTTPS
      cert-manager.io/issuer: letsencrypt
henryrecker-pingidentity commented 2 months ago

You can update the pingtoolkit image that is used in default initContainers (like waitFor) by updating the pingtoolkit value at the top level of your yaml. This is the default value of the current chart:

pingtoolkit:
  name: pingtoolkit
  image:
    name: pingtoolkit
    repository: pingidentity
    repositoryFqn:
    tag: "2403"
    pullPolicy: IfNotPresent

(see https://github.com/pingidentity/helm-charts/blob/9702dc7f8991816c968625a844320c5ab4194543/charts/ping-devops/values.yaml#L1691)

So if you need to modify any of those values, you should be able to just add in that block into your yaml and make the necessary changes. You don't need to set the pingtoolkit.enabled value to true, FYI - that would create a separate deployment of pingtoolkit.