feat: update helm chart and add installation instructions for jwt (#22)

wearefrank · Feb 2, 2023 · bd6519c · bd6519c
1 parent 60cf0d0
commit bd6519c
Show file tree

Hide file tree

Showing 4 changed files with 80 additions and 13 deletions.
diff --git a/charts/zaakbrug/Chart.yaml b/charts/zaakbrug/Chart.yaml
@@ -1,9 +1,9 @@
 apiVersion: v2
-appVersion: 1.0
+appVersion: 1.0.4
 description: Install ZaakBrug (zds-to-zgw) on Haven, powerd by the Frank!Framework
 name: zaakbrug
 type: application
-version: 0.2.0
+version: 0.2.1
 
 home: https://github.com/ibissource/zaakbrug
 icon: "https://raw.githubusercontent.com/ibissource/zaakbrug/master/zaakbrug-icon.png"

diff --git a/charts/zaakbrug/README.md b/charts/zaakbrug/README.md
@@ -1,2 +1,69 @@
 # ZaakBrug 2.0
 
+## Installation
+
+### Required values
+
+Some values need to be filled in for the Frank! to work. 
+
+These values are:
+
+- frank.instance.name
+- frank.dtap.stage
+- connections.jdbc (we're working on a disable database option)
+
+### ZaakBrug values
+
+For the ZaakBrug to work correctly some values need to be verified and other have to be filled in. 
+
+Check if all the zgw.endpoints are configured right. Add a configMap to both zgw.globalsConfigMap and zgs.profilesConfigMap
+
+#### Globals and Profiles
+
+The Globals.json should contain organizations and role mappings. 
+
+The Profiles.json contains information about zaakTypes. The reason this file is separate, is to make it more sharable with other gemeentes. 
+
+These files need to be added to the namespace as a configMap. The name of the configMap and the key of the data should be added in the values.yaml under .name and .subPath.
+
+### Credentials
+
+The credentials are added differently so the server can handle them differently. The credentials won't be logged or shown, in contrary to all other properties. 
+
+#### Database credentials
+
+User and password can be set with values like so:
+
+```yaml
+username: postgres
+password: ExamplePassword
+# Or with property parameters
+username: ${database/username}
+password: ${database/password}
+```
+
+A nice way to set the variables is with a credentials.properties. 
+
+The property parameters used for the values will point to the right credential in the credentials.properties (you can call it differently) file. 
+
+Create a secret with the properties you want to set, for example:
+
+```properties
+database/username=test
+database/password=test
+```
+
+Now set the values: frank.credentials.secret (secret name) and frank.credentials.key (key of the data)
+
+#### Zaak JWT
+
+The ZaakBrug will automatically generate a JWT token. 
+
+To set the client id and secret, add these credentials to your credentials secret (the one mentioned above).
+
+```properties
+zaken-api.jwt/username=ZaakBrug
+zaken-api.jwt/password=secret1234
+```
+
+The username is used for the client is and the password is used for the secret.
diff --git a/charts/zaakbrug/templates/deployment.yaml b/charts/zaakbrug/templates/deployment.yaml
@@ -47,19 +47,19 @@ spec:
               mountPath: /usr/local/tomcat/conf/Catalina/localhost/ROOT.xml
               subPath: context.xml
               readOnly: true
-            {{- if .Values.zaakbrug.globalsConfigMap }}
+            {{- if .Values.zaakbrug.globalsConfigMap.name }}
             - name: {{ template "zaakbrug.fullname" . }}-profiles-json
               mountPath: /opt/frank/configurations/Translate/Globals.json
               readOnly: true
               subPath: {{ .Values.zaakbrug.profilesConfigMap.subPath }}
             {{- end }}
-            {{- if .Values.zaakbrug.profilesConfigMap }}
+            {{- if .Values.zaakbrug.profilesConfigMap.name }}
             - name: {{ template "zaakbrug.fullname" . }}-profiles-json
               mountPath: /opt/frank/configurations/Translate/Profiles.json
               readOnly: true
               subPath: {{ .Values.zaakbrug.profilesConfigMap.subPath }}
             {{- end }}
-            {{- if .Values.frank.credentials }}
+            {{- if .Values.frank.credentials.secret }}
             - name: {{ template "zaakbrug.fullname" . }}-credentials
               mountPath: /opt/frank/secrets/
               readOnly: true
@@ -87,17 +87,17 @@ spec:
         - name: {{ template "zaakbrug.fullname" . }}-specifics
           configMap:
             name: {{ template "zaakbrug.fullname" . }}-specifics
-        {{- if .Values.zaakbrug.globalsConfigMap }}
+        {{- if .Values.zaakbrug.globalsConfigMap.name }}
         - name: {{ template "zaakbrug.fullname" . }}-globals-json
           configMap:
             name: {{ .Values.zaakbrug.globalsConfigMap.name }}
         {{- end }}
-        {{- if .Values.zaakbrug.profilesConfigMap }}
+        {{- if .Values.zaakbrug.profilesConfigMap.name }}
         - name: {{ template "zaakbrug.fullname" . }}-profiles-json
           configMap:
             name: {{ .Values.zaakbrug.globalsConfigMap.name }}
         {{- end }}
-        {{- if .Values.frank.credentials }}
+        {{- if .Values.frank.credentials.secret }}
         - name: {{ template "zaakbrug.fullname" . }}-credentials
           secret:
             secretName: {{ .Values.frank.credentials.secret }}

diff --git a/charts/zaakbrug/values.yaml b/charts/zaakbrug/values.yaml
@@ -4,7 +4,7 @@ image:
   repository: wearefrank/zaakbrug
   pullPolicy: IfNotPresent
   # Overrides the image tag whose default is the chart appVersion.
-  tag: "latest"
+  tag: ""
 
 imagePullSecrets: []
 nameOverride: ""
@@ -112,11 +112,11 @@ zaakbrug:
       enkelvoudiginformatieobjecten: "documenten/api/v1/enkelvoudiginformatieobjecten"
       zaakinformatieobjecten: "zaken/api/v1/zaakinformatieobjecten"
   globalsConfigMap:
-    name:
-    key:
+    name: ""
+    key: ""
   profilesConfigMap:
-    name:
-    key:
+    name: ""
+    key: ""
 
 frank:
   # Secret containing the contents of the credentials.properties