Example chart configuration
The External Secret section provides ready-to-use configurations demonstrating how to connect previously created secrets from external secret management systems to an application. The examples showcase different integration methods that allow secure injection of credentials and other sensitive data into applications. These configurations make it easy to utilize existing secrets in a production environment.
somTemplates:
general:
imageRegistry:
basePath: "registry.base.url.local/"
repositoryName: "registry-repository"
namespace: "dev"
internalConfiguration:
mongodb:
protocol: "mongodb"
parameters:
base: "/?retryWrites=false&w=majority"
query: "/?retryWrites=false&w=majority&readPreference=secondaryPreferred"
secretKeys:
mongoHost: "db_endpoint"
mongoPort: "db_port"
mongoUser: "db_user"
mongoPassword: "db_password"
rabbitmq:
rabbitmqHost: "dev-rabbitmq-headless.dev"
rabbitmqPort: 5672
secretKeys:
rabbitmqUser: "rabbitmq_user"
rabbitmqPassword: "rabbitmq_password"
externalConfiguration:
ingressHost: "https://external-address.local/"
keycloakAuthUrl: "http://keycloak-service.dev.svc.cluster.local:8080/keycloak/auth"
keycloakRealm: som
secretStoreName: "dev"
customIdentityProvider: "https://my-idp/oauth/"
specifyLabels:
monitoring: "app" somTemplates:
somService:
global:
name: "som-service-audit-log"
secrets:
defaultSecret:
create: fasle
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=60 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-service-audit-log"
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 500m
memory: 512Mi
somTemplates:
somService:
global:
name: "som-service-bff"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=60 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-service-bff"
configurationManagement:
applicationSecurity:
mode: "custom"
customSecurityConfiguration:
oauth2:
resourceserver:
jwt:
issuer-uri: "http://keycloak-service.dev.svc.cluster.local:8080/keycloak/auth/realms/som"
alternate-issuer-uri: "https://external-address.local/keycloak/auth/realms/som"
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 500m
memory: 512Mi somTemplates:
somService:
global:
name: "som-service-error"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
configurationManagement:
general:
keycloakInternalAccess:
clientSecretKeyName: "errors_client_secret"
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=60 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-service-error"
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 500m
memory: 512Mi somTemplates:
somService:
global:
name: "som-service-fulfillment"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=70 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-service-fulfillment"
resources:
limits:
cpu: 1000m
memory: 1024Mi
requests:
cpu: 500m
memory: 1024Mi somTemplates:
somService:
global:
name: "som-service-incoming-orders"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
replicaCount: "2"
pdb:
enabled: true
option: "minAvailable"
minAvailable: 1
affinity:
enabled: true
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=70 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-service-incoming-orders"
resources:
limits:
cpu: 1000m
memory: 1024Mi
requests:
cpu: 500m
memory: 1024Mi
extraConfiguration:
meta-parameters-headers: "X-Tenant-Id, X-Request-Session-Id, X-Request-Tracking-Id, X-Business-Context-PL, X-Request-Id" somTemplates:
somService:
global:
name: "som-dev-service-order"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=70 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-dev-service-order"
resources:
limits:
cpu: 1000m
memory: 1024Mi
requests:
cpu: 500m
memory: 1024Mi somTemplates:
somService:
global:
name: "som-dev-service-plan-builder"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=70 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-dev-service-plan-builder"
resources:
limits:
cpu: 1000m
memory: 1024Mi
requests:
cpu: 500m
memory: 1024Mi
somTemplates:
somService:
global:
name: "som-dev-service-validation"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=60 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-dev-service-validation"
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 500m
memory: 512Mi
extraConfiguration:
validation:
rules:
- error: Json under validation does not exist
expression: '#this != null'
name: No validation - checking only if validated json exists somTemplates:
somService:
global:
name: "som-dev-step-executors"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=60 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-dev-step-executors"
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 500m
memory: 512Mi
extraConfiguration:
template:
steps: CreateProductIMS, ActivateNetworkNS, ManageDeliveryDS, ManagePaymentBS, UpdateStatusIMS, WaitForMainProductCreation, WaitForPaymentCompletion
somTemplates:
somService:
global:
name: "som-service-dead-letter"
secrets:
defaultSecret:
create: false
existingSecrets:
- name: dev-app-secret
- name: dev-mongodb-secret
env:
- name: _JAVA_OPTIONS
value: "-XX:MaxRAMPercentage=60 -XX:+ExitOnOutOfMemoryError"
- name: SERVICE_NAME
value: "som-service-dead-letter"
resources:
limits:
cpu: 1000m
memory: 512Mi
requests:
cpu: 500m
memory: 512Mi
general:
imageRegistry:
basePath: "registry.base.url.local/"
repositoryName: "registry-repository"
namespace: "dev"
specifyLabels:
monitoring: "app"
somService:
global:
name: "som-service-gui"
env:
- name: REST_API_URL
value: "https://external-address.local/som-service-bff"
- name: KEYCLOAK_URL
value: "https://external-address.local/keycloak/auth"
- name: REALM
value: som
resources:
limits:
cpu: 650m
memory: 512Mi
requests:
cpu: 300m
memory: 512Mi